Share this article
BitMEX Says Quality Check 'Failure' Led to Email Privacy Breach
The crypto-derivatives exchange says poor internal checks caused most of the exchange's clients to be exposed to privacy risks.
Updated Sep 13, 2021, 11:40 a.m. Published Nov 4, 2019, 3:25 p.m.
BitMEX says its internal processes "failed" last week, subsequently exposing thousands of the exchange's clients to privacy risks.
In a company blog posting on Monday, the crypto-derivatives exchange said its mass emailing operation failed causing “most BitMEX users” to have their email addresses publicly exposed via carbon copy (CC) on Nov. 1.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
Data provider Skew says BitMEX has some 22,000 daily users, though the number of email addresses exposed is likely significantly higher.
With major email servers imposing restrictions on bulk emailing, the firm said:
"To remedy this, we built an in-house system to handle the necessary rendering, translation, staging, and piecemeal (as not to trigger rate limits) sending of important email."
The exchange said it sends emails to all users very rarely, the last one of this size shipping in 2017. To expedite the process, the exchange's email systems API was changed at the last minute, but did not undergo the typical checking process.
“BitMEX is a global business that sends emails to many different email providers,” said deputy chief operating officer Vivien Khoo in the blog posting. “Unfortunately, this makes the job of large services such as BitMEX difficult at times.”
The exchange says it stopped further batches of emails being sent out upon recognition of the issue.
In response to the leak, BitMEX says they employed password resets and human review on endangered accounts. All users lacking two-factor authentication (2FA) and also holding account balances had passwords reset after the exchange noted hostile attempts to access accounts.
In an email to CoinDesk last Friday, Khoo reiterated that no other personal information was divulged.
“Beyond email addresses, at no point during this issue has any personal data or account information been disclosed.”
BitMEX CEO Arthur Hayes image via BitMEX
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
Coinbase Sees Crypto Recovery Ahead as Liquidity Improves and Fed Rate Cut Odds Climb
The crypto exchange also took note of a so-called AI bubble that continues to go strong and a weaker U.S. dollar.
What to know:
- Coinbase Institutional is seeing a potential December recovery in crypto, citing improving liquidity and a shift in macroeconomic conditions that could favor risk assets like bitcoin.
- The firm's optimism is driven by rising odds of Federal Reserve rate cuts, with markets pricing in a 93% chance easing next week, and improving liquidity conditions.
- Several recent institutional developments, including Vanguard's crypto ETF policy reversal and Bank of America's greenlighting of crypto allocations, have contributed to bitcoin's rebound from recent lows.
Top Stories
