Only email leaks don't put Bitmex users under losses. Because of people who have access to Bitmex's user email leak don't have access to those emails. What they can do is sending phising things to those email addresses if they want.
Hence, if users are aware of the news, and be careful when using their emails: don't click on links send by strange emails or from familiar emails but if contents or links are strange; they will be safe.
Furthermore, they can change their email passwords, and it is time for them to remind that they use that email for how many accounts on exchanges and other services, and whether they use same passwords over exchanges & services. If they use same passwords, it's time to change as soon as possible.
The news is bad for Bitmex's reputation but not too bad for their users, IMO.
People can check their email status there:
https://haveibeenpwned.com/Regarding to email security, you can use the following site:
https://haveibeenpwned.com/It is very simple to use: Typing your email address, then enter to see it has already been compromised or not. In case your email has been already compromised, it's your turn to reset your password and consider to enhance security and privacy for your email.
There are two types of results:
1. Bad: pwned!Oh no — pwned!
Pwned on X breached sites and found no pastes (subscribe to search sensitive breaches)
2. Good: no pwnage found!Good news — no pwnage found!
No breached accounts and no pastes (subscribe to search sensitive breaches)
You should take action as quickly as possible if your email checking result fall into the first type.