How can I find out if a mining pool has been leaking user information?

1

To my surprise, I have received spam to an email address which I exclusively used with a mining pool that seems to be generally considered trustworthy and reliable.

The spam is bitcoin related and contains this text:

INVOICE #099425655

STATUS: Unpaid

GENERATE ON: 02/16/2015

(link text) hxxps://account.[censored].net/?invoice=ST-231550-[random looking characters]-passport.[censored].net

(actual link target) hxxp://russiancloud.esy.es/[censored].jar

Given that the email address I used to sign up to the pool is, with very high certaincy, globally unique and not easily generateable, it would appear the pool indeed leaked some user data.

However, googling for "[name of pool] leak" gave no related results at all.

How should I continue?

mafu

Posted 2016-07-25T21:39:23.670

Reputation: 113

I'm not sure this problem is specific to Bitcoin and you might be able to find similar topics on security.stackexchange.com.

Murch 2016-07-27T06:15:10.217

@Murch Yes, doubtlessly, there are similar topics on security SE - I was hoping for an answer more particular to the case, as it seems to me like the bitcoin ecosystem has its own dynamics consideration of which can improve the answer. I'm not sure, maybe that's not right. If the question is to be moved, it will probably be closed as a duplicate right away instead.mafu 2016-07-27T07:38:11.073

mafu: You could always try shaming the pool on reddit. Topics like that do get some following.Murch 2016-07-27T15:55:35.170

No answers