Digitex Futures Exchange has blamed a “scheming” ex-employee for publishing a Facebook post that listed the email addresses of at least 8,000 treasury users. The post, which read like an internal email, included a link to a Google Docs spreadsheet that displayed the email addresses and treasury wallet addresses of all customers who had either completed or started the KYC process. The incident has since been blamed on an ex-employee, although doubts remain about this line of reasoning.
The Facebook post appeared on Sunday morning and immediately had members of the Digitex community demanding to know how the leak had happened. Telegram admins confirmed that “the email addresses and associated wallet are the only things breached” and that “the KYC images and associated data is safe.”
The post remained up for over 10 hours while the team worked on removing it, offering no public explanation as to how the leak occurred.
Digitex Blames “Highly Manipulative” Ex-employee
Finally on Monday afternoon an explanation of sorts arose:
The hack was an internal issue orchestrated by a scheming and highly manipulative ex-employee whose professional interests are now in conflict with Digitex’s success. This person was able to access user data and hijack the company’s Facebook account, posting the leaked data and removing everyone from the company as admins from the Facebook page. This means that we were temporarily unable to remove the post or even put out an official comment.
This isn’t entirely true, as the project still has an official Telegram news and updates channel as well as a Twitter page, but none of these outlets was used to update those affected. It is also strange that an ex-employee was able to obtain the list and still retain access to the company’s Facebook account, which is partly addressed later in the statement:
We know the perpetrator and every step has been taken to not only remove all access to all channels that this person had but also proceed against this person through the legal channels in our reach.
Yet again the question has to be asked – why does an ex-employee still have access to the social media backend in the first place?
Amateur Mistake or Coverup?
At best this reeks of amateurish business practices, at worst it is an outright lie a cover up an error. The incident is not completely dissimilar to the mistake made by a BitMEX employee in November last year who neglected to use the bcc email field properly and revealed the email addresses of the entire user database.
The advice given in that case is the same in this – if you have been affected, change the email address you use for the Digitex service and ideally scrap that email address altogether. Expect a potential increase in spam email and, needless to say, do not respond to any of it.