‘Third-party incident’ impacted Gemini with 5.7 million emails leaked
Users’ emails, account numbers and partial phone numbers were leaked in what Gemini claimed to be a “third-party” incident.
Cryptocurrency exchange Gemini appears to have suffered a data breach on or before Dec. 13. According to documents obtained by Cointelegraph, hackers gained access to 5,701,649 lines of information pertaining to customers’ account numbers, email addresses and partial phone numbers. In the case of the latter, hackers apparently did not gain access to the full phone numbers, as certain numeric digits were obfuscated. Gemini has since clarified in a blog post that the breach appears to be “result of an incident at a third-party vendor” but also warned of ongoing “phishing campaigns” as a result of the data leak.
The leaked database did not include sensitive personal information such as names, addresses and other Know Your Customer information. In addition, some emails were repeated in the document; thus, the number of customers affected is likely lower than the total rows of information. Gemini currently has 13 million active users. Regarding the incident, Gemini has issued the following statement:
“Some Gemini customers have recently been the target of phishing campaigns that we believe are the result of an incident at a third-party vendor. This incident led to the collection of Gemini customer email addresses and partial phone numbers. No Gemini account information or systems were impacted as a result of this third-party incident, and all funds and customer accounts remain secure.”
Security breaches in the Web3 industry, even if mild in nature, can have serious consequences. One such incident took place in April this year and involved cryptocurrency hardware wallet manufacturer Trezor. Hackers gained access to Trezor users’ email addresses by breaching a third-party newsletter provider and then utilized the information to target users in a phishing scam, leading to losses.
Update Dec. 14 5:30 pm UTC: Added comments and explanation of events from Gemini.
Update Dec. 14 5:40 pm UTC: Added clarifications on the nature of the incident after receiving confirmation.
This is a developing story and will be updated accordingly.
English
Arabic
Chinese (Simplified)
Dutch
French
German
Italian
Portuguese
Russian
Spanish