According to a recent report, the cryptocurrency exchange Gemini suffered from a breach of data and reportedly 5.7 million emails were leaked. While Gemini has stated “some Gemini customers have recently been the target of phishing campaigns,” the exchange insisted that “no Gemini account information or systems were impacted.”
Gemini Suffers From ‘Third Party’ Associated Customer Data Leak, Report Claims Documents Show 5.7 Million Accounts Affected
On Dec. 14, 2022, the crypto news outlet Cointelegraph published a report that claims “5,701,649 lines of information pertaining to Gemini customers” have been leaked by a data breach. The reporter Zhiyuan Sun wrote that the publication reviewed documents that had shown the leak featured “Gemini customers’ email addresses and partial phone numbers.”
The same day, Gemini published a blog post about protecting customers from phishing incidents and it mentions a third party was responsible for the breach. “Some Gemini customers have recently been the target of phishing campaigns that we believe are the result of an incident at a third-party vendor,” the trading platform’s blog post discloses. “This incident led to the collection of Gemini customer email addresses and partial phone numbers.”
Gemini’s post adds:
No Gemini account information or systems were impacted as a result of this third-party incident, and all funds and customer accounts remain secure.
Gemini is not the first crypto company to suffer from a data leak as Ledger, the hardware wallet manufacturer, had issues with a customer data leak in 2020. Last year, the Indian crypto exchange Buyucoin was hacked and reportedly sensitive data tied to 325,000 users was allegedly leaked. In July, Celsius explained customer data was leaked before the business filed for bankruptcy and a month earlier, Opensea said it suffered from a leak as well.
Meanwhile, the Gemini blog post details that the security of customer funds and associated accounts is the exchange’s “top priority.” The statement written by Gemini also insists that the company does not recommend users rely on “the secrecy of an email address as a substitute for strong authentication methods.” The company further gives step-by-step instructions on how to reset an email associated with a specific Gemini account.
What do you think about the Gemini data leak? Let us know what you think about this subject in the comments section below.