According to a recent report, the crypto-currency exchange Gemini suffered a data breach and 5.7 million emails were reportedly leaked. Although Gemini stated that “some Gemini customers have recently been targeted by phishing campaigns“, the exchange insisted that “no information about Gemini’s accounts or systems was affected.“
Gemini suffers from associated customer data leak “third party“, the documents show that 5.7 million accounts were affected.
On December 14, 2022, Cointelegraph published an article on the subject that stated that “5,701,649 lines of Gemini customer information” were leaked as a result of a data breach. Reporter Zhiyuan Sun wrote that the publication reviewed documents that showed the leak included “email addresses and partial phone numbers of Gemini customers.“
On the same day, Gemini published a blog post about protecting customers from phishing incidents and it mentions that a third party was responsible for the breach. “Some Gemini customers have recently been the target of phishing campaigns that we believe are the result of an incident at a third-party vendor“, the trading platform said. “This incident led to the collection of partial email addresses and phone numbers of Gemini customers“.
Gemini’s post adds:
No Gemini account information or systems were affected by this third-party incident, and all funds and customer accounts remain secure.
Gemini isn’t the first crypto company to suffer a data leak, as hardware wallet maker Ledger had issues with a customer data leak in 2020. Last year, Indian crypto exchange Buyucoin was hacked and sensitive data related to 325,000 users was reportedly leaked. In July, Celsius explained that customer data was stolen before the company filed for bankruptcy, and a month earlier, Opensea said it had also suffered a leak.
Meanwhile, Gemini’s blog states that the security of customer funds and associated accounts is the “top priority” of the exchange. The statement written by Gemini also emphasizes that the company does not recommend that users rely on “the secrecy of an email address as a substitute for strong authentication methods.“The company further provides step-by-step instructions on how to reset an email associated with a specific Gemini account.