20.01.2021

BitMEX Says Quality Check ‘Failure’ Led to Email Privacy Breach

“BitMEX is a global business that sends emails to many different email providers,” said deputy chief operating officer Vivien Khoo in the blog posting. “Unfortunately, this makes the job of large services such as BitMEX difficult at times.”

BitMEX says its internal processes “failed” last week, subsequently exposing thousands of the exchange’s clients to privacy risks.

In a company blog posting on Monday, the crypto-derivatives exchange said its mass emailing operation failed causing “most BitMEX users” to have their email addresses publicly exposed via carbon copy (CC) on Nov. 1.

Data provider Skew says BitMEX has some 22,000 daily users, though the number of email addresses exposed is likely significantly higher.

With major email servers imposing restrictions on bulk emailing, the firm said:

“To remedy this, we built an in-house system to handle the necessary rendering, translation, staging, and piecemeal (as not to trigger rate limits) sending of important email.”

The exchange said it sends emails to all users very rarely, the last one of this size shipping in 2017. To expedite the process, the exchange’s email systems API was changed at the last minute, but did not undergo the typical checking process.

The exchange says it stopped further batches of emails being sent out upon recognition of the issue.

In response to the leak, BitMEX says they employed password resets and human review on endangered accounts. All users lacking two-factor authentication (2FA) and also holding account balances had passwords reset after the exchange noted hostile attempts to access accounts.

In an email to CoinDesk last Friday, Khoo reiterated that no other personal information was divulged.

“Beyond email addresses, at no point during this issue has any personal data or account information been disclosed.”

Bitmain Seeking U.S. IPO With Confidential SEC Filing

Bitcoin mining giant Bitmain is said to have confidentially filed for an initial public offering (IPO) with the U.S. Securities and Exchange Commission.

Sponsored by Deutsche Bank, the offering was filed with the SEC earlier this week before a recent management shakeup saw the ousting of Bitmain co-founder and executive director Micree Ketuan Zhan Oct. 29, according to Tencent News.

Bitmain will now undergo questioning by the U.S. securities regulator before – if allowed – submitting an F1, a certification required for foreign companies before listing in U.S. securities markets. It’s not clear how much capital the firm is looking to raise through the public offering.

Bitmain’s U.S. IPO dreams follow a failed attempt to go public on the Hong Kong Stock Exchange (HKSE) in 2018. The mining giant’s application lapsed in March 2019 and was not re-filed. Bitmain declined to comment on the lapsed application at the time.

To increase the firm’s chance of a U.S. listing, Bitmain has also hired the former representative of Nasdaq China, Zheng Hua, as a consultant, Tencent News reports.

CoinDesk reached out to Bitmain to confirm the news, but a representative would not comment.

The effects of the leadership shakeup on the listing process have yet to be seen. As of the last listing attempt on the HKSE, departed executive Zhan held a 36 percent stake in Bitmain Holdings, the parent company of Beijing Bitmain Technology. Co-founder and now chairmen-of-the-board Jihan Wu owns 20 percent of the firm.

Bitmain’s U.S. IPO plans come alongside a notable investment in the region. Earlier this month, the company opened a new mining plant in Rockdale, Texas. Beginning at 25 megawatts for dedicated bitcoin mining, the converted aluminium smelter plant has the potential to scale up to 300 megawatts.

And just two days ago, miner manufacturing rival Canaan also filed for an IPO with the SEC. The offering prospectus indicates it intends to list on NASDAQ under the ticker symbol “CAN” and sets a placeholder amount of $400 million for the raise.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Leave a Reply

Your email address will not be published. Required fields are marked *