Privacy Breach In BTC Markets, All Customers Vulnerable To Phishing Attacks Author: Ali Raza Last Updated: 02 December 2020 BTC Markets stands as a major crypto exchange for Australia. On the 1st of December, 2020, the exchange made a big blunder, managing to accidentally expose the email addresses and full names of all of its customers. This was done through a marketing email that was sent to each individual that was affected by the privacy breach. Taking Steps To Remedy The Problem The emails themselves were sent in 1000-customer batches, meaning that every one customer in said batch had access to the name and email of the remaining 999 customers. As it stands now, BTC Markets is doing the right thing in light of this error: Reporting it to the relevant authorities. In the Australian exchange’s case, this authority stands as the Office of the Australian Information Commissioner, or OAIC. It was further noted that the exchange would start taking guidance from the OAIC as to how to respond to this privacy breach when moving forward. Placating The Masses Caroline Bowler stands as the CEO of BTC markets, and stated that her company gives its “heartfelt apologies” for this entire incident. Bowler stated that BTC Markets is having its executives working around the clock to minimize the aftermath of this breach. Furthermore, Bowler is promising more security features to be added, in order to prevent these kinds of information leaks in the future. Bowler has gone out and advised the various customers of BTC Markets to ensure they enable the two-factor authentication feature in order to ensure their account’s protection. Furthermore, Bowler urged the exchange’s customers to change their passwords on their respective email accounts. Urging Caution And Extra Security measures Further warnings from Bowler come by way of urging customers to be wary should any unauthorized attempt be made to access their email accounts. Another threat to watch out for is various phishing scams that claim to be from BTC Markets itself. Regarding the phishing attempts, Bowler urged her exchange’s customers to make sure that these emails claiming to be from BTC Markets are sent from addresses ending in “@btcmarkets.net” and nothing other than that. Bowler was quick to point out that BTC Markets as an exchange did not have its own security hampered by this breach. Furthermore, she stated that the email addresses and full names were leaked through the breach, but nothing more than that. The email that caused the breach, to begin with, was a promotional email issued out to announce the USDT pairings that will be listed on BTC Markets, starting from the 3rd of December, 2020.