In the cryptocurrency industry, the Estonian email address leak was the second such incident this month.
The email addresses of more than 200 cryptocurrency trading service providers have been leaked just because of a mistake by the Estonian authorities. After an attempt by the national anti-money laundering agency to collect information about the Estonian crypto-asset industry, the case violated personal data.
Part of the Estonian Police and the Board of Protection of the Board, asked a series of companies to submit their business details by sending an email. However, the agency has forgotten to hide the email addresses of other recipients. This incident is very similar to the BitMEX case that leaked users’ email addresses just weeks ago.
BitMEX – one of the largest Bitcoin derivative platforms in the world made the email addresses of many of its users exposed. This was discovered when their customers could see the email addresses of other users after BitMEX sent an email regarding the update to everyone. According to the cryptocurrency platform, it is the result of software bugs that have now been addressed. This has caused some commentators in the cryptocurrency asset industry to be concerned about the capacity of the platform.
The email sent by Estonia asked the recipient to provide detailed answers to a series of questions along with other data related to the operation of the business. Under Article 20 of the Estonian Administrative Procedure Act, companies are required to participate and must submit feedback within four weeks. Helping the agency protect against money laundering and countering terrorist financing is considered the reason for this information request.
In fact, although email is clearly an attempt to encourage cryptocurrency companies to comply with applicable regulations, because of the information leak, the legality of the request is being suspected. Estonia must comply with the EU General Regulation on Personal Data Protection (GDPR) because it is a member of the European Union.
GDPR requires absolute respect for information security when intending to give citizens control of their personal data. The latest email address leak is obviously unable to respond to this.
How is that even possible? Are they sending their emails to customers manually? Like a regular email, with no CRM, or third-party software? That is insane. How tf are they handling their client data?
— Matt (@Vanalli) November 1, 2019
Just like law enforcement and cryptocurrency exchanges, traditional finance is no stranger to data breaches. Last month, Italian bank UniCredit revealed a leak that exposed the personal data of three million customers. Individuals with names, phone numbers, email addresses and other information have been compromised although the privacy agreement is not related to any financial data.
Read more:
- Senior Official Claims: Efforts To Release Cryptocurrencies Of 25,000 Blockchain Companies In China
- Philippines And Malaysia Traders Are “Buying The Dip”, Purchasing Bitcoin In Large Quantities