Earlier today, some of our users received an email which contained the email addresses of other users in the ‘to’ field. We apologise for the concern this communication may have caused. This was the result of a software error which has now been addressed.
BitMEX takes the privacy and security of our users very seriously. Rest assured that in this instance, beyond email addresses, no other personal data or account information have been disclosed and no further emails have been sent. The error which has caused this has been identified and fixed, ensuring our usual high standards of privacy are upheld.
We are continuing work to ensure this will not occur again in future, and will be introducing additional features to further protect our users. Further communications on this matter will be issued in due course.
In the meantime, please find below some immediate guidance which should be observed in order to ensure the continued safety of your account:
- Please be aware of phishing attempts. Emails from BitMEX are sent from “firstname.lastname@example.org” and “email@example.com”. Please add these email addresses to your contacts list to ensure that these emails do not land in your spam folder. BitMEX will never ask for your password.
- BitMEX will never ask you to transfer funds. The only way to fund your BitMEX account is to send bitcoin to your unique BitMEX deposit address. Your unique BitMEX deposit address will begin with “3BMEX” or “3BitMEX” and can be found on the deposit page of your BitMEX account.
- Please take note our official BitMEX communications channels. These are our primary, official social media communications channels and only instructions provided via these avenues should be observed.
- We would like to remind all of our users to please protect their accounts by using strong and unique passwords; enabling Two-Factor Authentication (2FA) for all of your accounts (both BitMEX and personal); and to use a password manager. Further advice can be found here.
We will continue to communicate updates on our blog. We take the security and privacy of our users very seriously and will take steps to ensure this does not occur again in future.