The crypto industry received more bad news today, as it emerged that the Gemini Exchange had suffered a significant data leak, putting 5.7 million customer emails at risk.
Gemini blamed a third-party vendor for the breach as customers braced for a wave of phishing attacks.
A Third-Party Breach
Cryptocurrency exchange Gemini has revealed that an incident at a third-party vendor led to a data breach, and has warned customers that they could be targeted by phishing campaigns. According to the information available, hackers were able to access over 5.7 million email addresses, along with partial phone numbers. The hackers could not access full phone numbers, as several digits were obfuscated.
Chinese media outlet Wu Blockchain confirmed the developments on Twitter, stating that the data breach indeed impacted 5.7 million users of the crypto exchange.
“The Gemini exchange suspected that 5.7 million user information was leaked; official responded that this was the result of a supplier incident, which resulted in the collection of Gemini customers’ email and some phone numbers. Please be vigilant against phishing activities.”
Gemini Issues Statement
Gemini issued a statement confirming the third-party breach and advising users to be vigilant against phishing campaigns resulting from it. The statement clarified that the leak did not contain sensitive data such as Know Your Customer (KYC) information. Additionally, it stated that some emails were repeated in the leaked documents, hinting that the number of impacted users could be lower. The exchange currently has 13 million active users. The statement read as follows:
“Some Gemini customers have recently been the target of phishing campaigns that we believe are the result of an incident at a third-party vendor. This incident led to the collection of Gemini customer email addresses and partial phone numbers. No Gemini account information or systems were impacted as a result of this third-party incident, and all funds and customer accounts remain secure.”
According to CertiK, Gemini briefly went offline after the incident became public.
Vigilance Need Of The Hour
While the third party in question has not been identified yet, Gemini urged its users to be vigilant and posted a list of recommendations, as phishing attacks on users could not be ruled out due to the breach. Phishing is a type of social engineering attack in which users are targeted with fraudulent messages designed to trick them into entering sensitive information such as passwords. Once that information is compromised, hackers can use it to deploy malicious software or ransomware.
Was The Breach Kept Under Wraps?
When news of the breach became public, several users began claiming that the email leak had occurred well before it was first reported. They pointed to reports on the Gemini subreddit, weeks prior to the incident, of several users receiving targeted emails. One user revealed that they had received a targeted phishing email at an address they had registered only on Gemini.
“It promoted a Cyberbroker NFT drop using OpenSea branding. I think I also received one last month, but I deleted it without reading it. Today, I got the hump because I’d specifically opted out of all marketing emails from Gemini.”
Gemini responded to the user, stating they would be reporting this to the security team. Other users also chimed in, claiming that Gemini was aware of the breach.
“I just got an email claiming that my Exodus wallet was linked to the Binance exchange from Bermuda (phishing, of course). I ONLY use that particular email address at Gemini. When I asked Gemini, they confirmed a breach at a third-party vendor. Customer emails and partial phone numbers. When I asked if they were planning on informing users, they said thanks for the feedback.”
Increasing Security Breaches
There have been quite a few security breaches in recent months. One such breach was reported in April involving hardware wallet manufacturer Trezor. The breach saw hackers gain access to user email addresses by breaching a third-party newsletter, using the information to target customers. Ledger, too, was a victim of data breaches, not once but twice, with personal details of customers sold on the dark web. In some cases, the physical address of users was also compromised.