Australian Crypto Exchange Exposes Personal Data of 270K Users

BTC Markets, one of Australia's biggest cryptocurrency exchanges, has accidentally exposed users' data, raising the risk of phishing attacks.

AccessTimeIconDec 2, 2020 at 8:54 a.m. UTC
Updated May 9, 2023 at 3:13 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

BTC Markets, one of Australia's biggest cryptocurrency exchanges, has accidentally exposed users' personal data, raising the risk of phishing attacks.

As reported by Business Insider Australiahttps://www.businessinsider.com.au/btc-market-cryptocurrency-privacy-breach-2020-12 on Wednesday, the exchange revealed the names and email addresses of over 270,000 users when it sent out mass emails. The error saw names and addresses placed in the "to" section rather than individually addressing each recipient or using blind carbon copy.

  • Australia's CBDC Pilot Shows 'Path Forward' for a Tokenized Economy: Canvas CEO
    08:55
    Australia's CBDC Pilot Shows 'Path Forward' for a Tokenized Economy: Canvas CEO
  • Australia Won't Introduce a CBDC for Some Years, Central Bank Says
    02:31
    Australia Won't Introduce a CBDC for Some Years, Central Bank Says
  • Binance to Shut Down 'Connect' Service; State of Crypto in Singapore and Australia
    26:09
    Binance to Shut Down 'Connect' Service; State of Crypto in Singapore and Australia
  • Caroline Bowler: Australia's Crypto Potential
    30:00
    Caroline Bowler: Australia's Crypto Potential
  • The emails were sent out in batches of 1,000 recipients and meaning the exposure to a bad actor was limited to the data of 999 individuals per email.

    However, "all account holders were affected." BTC Market's CEO Caroline Bowler said in a tweet "The email was sent in batches, rather than in bulk."

    Once initiated, the emails could not be stopped even after the error was noticed, according to the report.

    While no passwords or financial data were included in the breach, email addresses can be used for targeted phishing campaigns, since the attackers know the individuals affected have cryptocurrency accounts.

    The error highlights the risks that centralized exchanges can pose when it comes to user's data and privacy.

    According to Business Insider, BTC Markets will report the breach to the Office of the Australian Information Commissioner, undertake an internal review and work to increase its security.

    CoinDesk reached out to BTC Markets for comment, but did not receive a reply by press time.

    Disclosure

    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.


    Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.