The crypto industry received more bad news today, as it emerged that the Gemini Exchange had suffered a significant data leak, putting 5.7 million customer emails at risk.
Gemini blamed a third-party vendor for the breach as customers braced for a wave of phishing attacks.
A Third-Party Breach
Cryptocurrency exchange Gemini has revealed that an incident at a third-party vendor has led to a data breach, warning customers they could come under attack from phishing campaigns. According to the information available, hackers were able to get access to over 5.7 million emails, along with partial phone numbers. The hackers could not access full phone numbers as several digits were obfuscated.
Chinese media outlet Wu Blockchain confirmed the developments on Twitter, stating that the data breach indeed impacted 5.7 million users of the crypto exchange.
“The Gemini exchange suspected that 5.7 million user information was leaked; official responded that this was the result of a supplier incident, which resulted in the collection of Gemini customers’ email and some phone numbers. Please be vigilant against phishing activities.”
Gemini Issues Statement
Gemini issued a statement following the breach, confirming the third-party breach and advising users to be vigilant against phishing campaigns resulting from the data breach. The statement clarified that the leaked information did not contain sensitive information such as Know Your Customer (KYC) information. Additionally, it stated that some emails were repeated in the leaked documents, hinting that the number of impacted users could be lower. The exchange currently has 13 million active users. The statement read as follows,
„Неки клијенти Геминија су недавно били мета пхисхинг кампања за које верујемо да су резултат инцидента код добављача треће стране. Овај инцидент је довео до прикупљања адреса е-поште клијената Геминија и делимичних бројева телефона. Ниједна информација или систем Гемини налога нису утицали као резултат овог инцидента треће стране, а сва средства и кориснички рачуни остају безбедни.
According to Certik, Gemini briefly went offline after the incident became public.
Vigilance Need Of The Hour
While the third party in question has not been identified yet, Gemini urged its users to be vigilant, posting a list of recommendations, as phishing attacks on users could not be ruled out due to the breach. Phishing is a type of attack that uses social engineering, where users are targeted with fraudulent messages that are designed to trick users into entering sensitive information such as passwords. Once compromised, hackers can use them to deploy malicious software or ransomware.
Was The Breach Kept Under Wraps?
When news of the breach became public, several users began claiming that the email leak had occurred much before it was first reported. Users pointed out reports of several users receiving targeted emails on the Gemini subreddit weeks prior to the incident. One user revealed that they had received a targeted phishing email from an address they had only registered on Gemini.
“It promoted a Cyberbroker NFT drop using OpenSea branding. I think I also received one last month, but I deleted it without reading it. Today, I got the hump because I’d specifically opted out of all marketing emails from Gemini.”
Gemini responded to the user, stating they would be reporting this to the security team. Other users also chimed in, claiming that Gemini was aware of the breach.
“I just got an email claiming that my Exodus wallet was linked to the Binance exchange from Bermuda (phishing, of course). I ONLY use that particular email address at Gemini. When I asked Gemini, they confirmed a breach at a third-party vendor. Customer emails and partial phone numbers. When I asked if they were planning on informing users, they said thanks for the feedback.”
Increasing Security Breaches
There have been quite a few security breaches in recent months. One such breach was reported in April involving hardware wallet manufacturer Trezor. The breach saw hackers gain access to user email addresses by breaching a third-party newsletter, using the information to target customers. Ledger, too, was a victim of data breaches, not once but twice, with personal details of customers sold on the dark web. In some cases, the physical address of users was also compromised.
Изјава о одрицању одговорности: Овај чланак је представљен само у информативне сврхе. Није понуђен нити намерава да се користи као правни, порески, инвестициони, финансијски или други савет.
Source: https://cryptodaily.co.uk/2022/12/gemini-suffers-huge-data-breach-5-7-million-emails-leaked