Leaked information. Are we really safe at all? - page 2.

hd49728

legendary

Activity: 2044

Merit: 1018

Only email leaks don't put Bitmex users under losses. Because of people who have access to Bitmex's user email leak don't have access to those emails. What they can do is sending phising things to those email addresses if they want.

Hence, if users are aware of the news, and be careful when using their emails: don't click on links send by strange emails or from familiar emails but if contents or links are strange; they will be safe.

Furthermore, they can change their email passwords, and it is time for them to remind that they use that email for how many accounts on exchanges and other services, and whether they use same passwords over exchanges & services. If they use same passwords, it's time to change as soon as possible.

The news is bad for Bitmex's reputation but not too bad for their users, IMO.

People can check their email status there: https://haveibeenpwned.com/

Quote from: hd49728 on October 21, 2019, 09:16:43 AM

Regarding to email security, you can use the following site: https://haveibeenpwned.com/
It is very simple to use: Typing your email address, then enter to see it has already been compromised or not. In case your email has been already compromised, it's your turn to reset your password and consider to enhance security and privacy for your email.
There are two types of results:
1. Bad: pwned!

Quote

Oh no — pwned!
Pwned on X breached sites and found no pastes (subscribe to search sensitive breaches)

2. Good: no pwnage found!

Quote

Good news — no pwnage found!
No breached accounts and no pastes (subscribe to search sensitive breaches)

You should take action as quickly as possible if your email checking result fall into the first type.

mk4

legendary

Activity: 2716

Merit: 3817

Paldo.io 🤖

Quote from: truongtheanhc3 on November 02, 2019, 11:50:17 AM

I really feel worried about my information on trading platforms and places that require identification.

Hence why it's totally frowned upon to use exchanges that requires KYC, because the potential leaks could be a lot more destructive. Fortunately with this leak, it wasn't THAT devastating(though still very unfortunate).

Do your part and try out non-custodial wallets like Bisq[1] and Hodl Hodl[2].

[1] https://bisq.network/
[2] https://hodlhodl.com/

truongtheanhc3

jr. member

Activity: 53

Merit: 4

I really feel worried about my information on trading platforms and places that require identification. However, similar stories have occurred in many different platforms, even a large trading platform, Binance, has been accused of leaking user information.

electronicash

legendary

Activity: 3066

Merit: 1049

Eloncoin.org - Mars, here we come!

when you register your email, its already there, you can assume your identity is already compromised but its really not of a big deal. as long as you don't click any link inside your email, i think its safe. i've been receiving many emails, all are just ignored unless they are all pmed in telegram and here in bitcointalk. all people today has their throw away emails used to register so any website. are kyc documents also compromised in bitmex?

ranochigo

legendary

Activity: 2954

Merit: 4158

Given the amount of exposure that emails could get even without it being compromised, I don't believe that having leaked email is that big of a deal. Sure, it does infringe on your privacy and makes you a target for spear-phishing. But I treat an email address the same as my physical house address and assume that it is already exposed and take extra precautions when looking at possible phishing email. It's more dangerous with leaked passwords but as long as you don't use the same password across all your accounts then you're less vulnerable.

Its a whole different story if your identity information got leaked.

lobat999

sr. member

Activity: 1078

Merit: 310

I think the best thing to do is don't follow any email instructions with regards to this supposedly leakage especially if the sender is not their official email account because it could be a front to a phishing scheme.

I guess the best thing to do if you still have any assets still within that exchange is that you could log in directly to your account via a previously bookmarked BitMex site and check your assets and transfer them to private wallets and change your account credentials and activate any other security measures in your account such as 2FA in order to have a peace of mind . Imho.

Wexnident

hero member

Activity: 2548

Merit: 666

I don't take loans, ask for sig if I ever do.

Nothing really new there. No system is perfect after all. I'd avoid any spam emails for now that is received by your email though, seeing that emails were the only information leaked by Bitmex. I'd suggest basically banning and placing all messages related to BitMex to spam folder for at least a month, so that all this farce could be avoided by you. By then, at least from what I think, all related spams and possible scams and malware would've stopped. Still, be safe and replace your password, enable 2FA, account recovery and such.

UserU

hero member

Activity: 2058

Merit: 532

FREE passive income eBook @ tinyurl.com/PIA10

Did the link bring you to a secure page or an insecure one? Nowadays we can't even trust those green protocols, sadly.

pealr12

hero member

Activity: 1946

Merit: 502

We are still safe but the all emails that has been leaked will be recieving phishing messages thats why every user must be aware to any email messages that they will receive . Hopefully bitmex will do immediate action of that leaked emails.

passwordnow

hero member

Activity: 2968

Merit: 572

Leading Crypto Sports Betting & Casino Platform

Expect that there will be a huge wave of phishing links that will be sent to those affected email addresses. It's correct that sometimes it's not our fault why we're receiving these kinds of emails because once they were leaked, those spammers will come to send you unwanted links.
This is the other side of providing KYC to the exchanges that we use. Much better to use only those exchanges that allows us to use them even with limits but doesn't have to provide with KYC. We should remain vigilant with everything we use especially if it's related to our funds.

PrimeNumber7

copper member

Activity: 1624

Merit: 1899

Amazon Prime Member #7

The email you received is referral spam. They are trying to get a referral from you.

The leaking of your email will only associate your email address as one as possibly being associated with exchange accounts. As long as you don't reuse passwords and use strong passwords, you should not be at any risk. Your only losses would be that of your privacy, and you already have had maximum losses in this regard.

mk4

legendary

Activity: 2716

Merit: 3817

Paldo.io 🤖

Quote from: Saint-loup on November 01, 2019, 03:37:00 PM

Quote from: mk4 on November 01, 2019, 12:08:02 PM

Though probably expect a barrage of emails from scammers and referral link spammers(like you just received) so it'd be a good idea to change your email address/alias.

Unfortunately changing your email address on Bitmex will not stop the spam, it's just too late. Your address is now listed in the files of the spammers/scammers and they exchange them on the darknet.
In fact the list is even available on the clear net. I won't paste the url of the file here but you can check if your email address has been leaked on https://haveibeenpwned.com/

How is changing your email address not going to stop the spam? Your email address is what allows them to target you with spam in the first place. Changing your email address with a new one and discarding the old leaked one would effectively stop the spam on your side for sure(but of course, your old email will still be receiving spam hence why you need to change email addresses). This is why people need to use separate email addresses for some(or most) websites.

Saint-loup

legendary

Activity: 2604

Merit: 2353

Quote from: Drai on November 01, 2019, 06:05:43 PM

If you take all the neccessary steps like 2FA, email and phone number verification in your Bitmex account, I don't think you have anything to worry about, personally my email address was also compromised but I have no worries at all because it would take a great hacker indeed to have access to my email or Bitmex account, just be security cincious especially when it comes to your funds irregardless of whether your email address was leaked or not, but if it makes you feel any better, you can simply open another Bitmex account with another email that is not known by anybody.

Phone number verification? Where it is? Are you really sure we can do that on Bitmex? Huh

I've never heard about it before.

Drai

sr. member

Activity: 567

Merit: 270

If you take all the neccessary steps like 2FA, email and phone number verification in your Bitmex account, I don't think you have anything to worry about, personally my email address was also compromised but I have no worries at all because it would take a great hacker indeed to have access to my email or Bitmex account, just be security cincious especially when it comes to your funds irregardless of whether your email address was leaked or not, but if it makes you feel any better, you can simply open another Bitmex account with another email that is not known by anybody.

Lafu

legendary

Activity: 2996

Merit: 3114

Sad to read and hear that with the leaked emails from Bitmex .
And i am glad i dont have use the platform or there service.
Best way would be for all that be affected on that to change there passwords ,
and maybe make an new email account if they used the leaked one for more services on other Webpages.

crwth

copper member

Activity: 2786

Merit: 1256

Try Gunbot for a month go to -> https://gunbot.ph

Quote from: mk4 on November 01, 2019, 12:08:02 PM

Just fyi, only the email addresses themselves are leaked.

I didn't panic when I was sent a spam email, I was just wondering HOW they discovered it and how did the sender know I had an account, hence the article announcing the leak of the information.

Quote from: mk4 on November 01, 2019, 12:08:02 PM

Also, this is already being discussed here: https://bitcointalksearch.org/topic/bitmex-snet-an-email-with-cc-to-own-customers-hundreds-emails-exposed-5197771

I did see and post there too. I do think that beginners should have a focused topic here to help them understand that this type of thing happens too.

Quote from: dothebeats on November 01, 2019, 02:37:36 PM

Just don’t click the links and never trust any emails from Bitmex unless you see it on their official announcements. Even better, just change your email address and you’ll be done with the bombardment of spam, nasty links and other stuff that people might send you.

It's quite easy to see that it's not an official email. That's why I didn't panic to the extent that I need to change my information in the exchange. The fact that they have sent me that kind of email is what bothered me. It's not a bombardment though, it's just one message. I'm not so sure with others though.

Quote from: Febo on November 01, 2019, 02:53:36 PM

It can happen everywhere. That is why is important you dont just throw your information's on everything. KYC only where you must. Register only where you must. Always use fresh passwords.

It depends if the site is reputable but at least it's just the emails. FYI, Bitmex doesn't ask for KYC, you know. And for the passwords, it's quite easy to handle that with a password manager.

nelson4lov

hero member

Activity: 2100

Merit: 794

Top Crypto Casino

Bitmex really fucked up with the leak. Now users would get screwed. One of the perks of being a user of an exchange where a data breach occurs is receiving email spams from scammers. I even have one that kept spamming my mails for a while. I had to block their email before it stopped. I should be expecting more spam flood soon. Thanks for the heads up although I got the information in the morning and hurriedly changed my email.

Saint-loup

legendary

Activity: 2604

Merit: 2353

Quote from: mk4 on November 01, 2019, 12:08:02 PM

Though probably expect a barrage of emails from scammers and referral link spammers(like you just received) so it'd be a good idea to change your email address/alias.

Unfortunately changing your email address on Bitmex will not stop the spam, it's just too late. Your address is now listed in the files of the spammers/scammers and they exchange them on the darknet.
In fact the list is even available on the clear net. I won't paste the url of the file here but you can check if your email address has been leaked on https://haveibeenpwned.com/

Febo

legendary

Activity: 2730

Merit: 1288

Quote from: crwth on November 01, 2019, 11:40:18 AM

Leaked information. Are we really safe at all?

It can happen everywhere. That is why is important you dont just throw your information's on everything. KYC only where you must. Register only where you must. Always use fresh passwords. This forum passwords were hacked at one point of time. That was like 3-5 years ago. It can happen. It can happen 20 years from now when you will already forgot you used some exchange or some forum or service.

dothebeats

legendary

Activity: 3542

Merit: 1352

Cashback 15%

Just don’t click the links and never trust any emails from Bitmex unless you see it on their official announcements. Even better, just change your email address and you’ll be done with the bombardment of spam, nasty links and other stuff that people might send you. No passwords whatsoever were leaked, only someone in their customer support department clicked the wrong button and we have this mayhem laid before us.

Topic: Leaked information. Are we really safe at all? - page 2. (Read 563 times)