​Gemini crypto exchange confirms user data leak

What’s new? Cryptocurrency exchange Gemini reported that some of its customers became targets of phishing campaigns. Representatives of the platform said that the series of attacks was the result of an incident with a third-party vendor. It resulted in the collection of email addresses and partial phone numbers of Gemini’s customers. The team assured that no account information or internal exchange systems were compromised and all customer funds and accounts remain safe.

Gemini Blog

What else does the blog say? The Gemini team recommended that customers set up two-factor authentication or hardware security keys to protect their accounts. The latter include tools such as YubiKey and Google Titan Key.

Gemini did not disclose the extent to which user data has been compromised. According to Cointelegraph, hackers gained access to 5 701 649 lines of information pertaining to Gemini customers’ email addresses and partial phone numbers.

The company acknowledged the leak of user data on December 14, but information about it surfaced much earlier. For example, reports about users receiving phishing emails started appearing in Gemini’s official community on the social platform Reddit weeks before that. In one thread in November, a user under the nickname DaveJonesBones claimed that he received a targeted phishing email from an address that was registered only on Gemini. It advertised a Cyberbroker NFT drop, using Opensea branding.

What is known about Gemini? It is a centralized crypto exchange and trust company regulated by the New York State Department of Financial Services (NYDFS). The platform was founded in 2014 by Cameron and Tyler Winklevoss. The exchange hosts 106 cryptocurrencies and 134 trading pairs, with a daily trading volume of $33,5 million, according to CoinGecko.

In June, IRA Financial Trust sued Gemini for allegedly failing to provide proper security measures to protect its clients’ assets.

On October 12, Cameron Winklevoss stepped down as director of Gemini Europe, the UK-incorporated arm of crypto exchange Gemini. According to the platform’s representative, the board of directors will include local leadership.

In June, the personal data of the OpenSea NFT marketplace users leaked online. An employee of the Customer.io service, whose services the company used to send mailings, provided the data to a third party. In July, a similar situation occurred with customers of the bankrupt crypto platform Celsius.