By
Steve Muchoki
April 9th, 2024
Some users have expressed their displeasure over Gemini’s handling of data stating that the targeted phishing emails appeared weeks before the exchange noticed them.
On Wednesday, crypto exchange Gemini announced that a third-party phishing campaign led to the leak of its customer email addresses and partial phone numbers.
On Wednesday, crypto publication Cointelegraph was the first to report that a third-party vendor suffered a data breach around December 13. This had reportedly impacted the email addresses and partial phone numbers of 5.7 million customers. Hackers couldn’t access full phone numbers as some digital ones were obfuscated.
Later in the day crypto exchange acknowledged the development. In its official blog post, the exchange said:
Some Gemini customers have recently been the target of phishing campaigns that we believe are the result of an incident at a third-party vendor. This incident led to the collection of Gemini customer email addresses and partial phone numbers. No Gemini account information or systems were impacted as a result of this third-party incident, and all funds and customer accounts remain secure.
Good that the leaked database doesn’t reveal any sensitive information about any KYC data of Gemini customers. Also, the details reveal that some emails were repeated in the document. As a result, the total number of affected customers might be lower than the total rows of information. As of now, Gemini has nearly 13 million active customers on its platform.
Users Unhappy with Gemini and the Reported Phishing Attack
Soon after CoinTelegraph published the report, users reached out to the publication expressing their unhappiness over Gemini’s handling of data. In the weeks prior to this report, mysterious reports of users receiving targetted phishing emails appeared on the r/Gemini subreddit.
Last month in November, Redditor u/DaveJonesBones said that he received a targeted phishing email from the address only registered on Gemini. He noted:
“It promoted a Cyberbroker NFT drop using Opensea branding. I think I also received one last month, but I deleted it without reading it. Today, I got the hump because I’d specifically opted-out to all marketing emails from Gemini.”
Another user published a detailed thread explaining how Gemini was compromised. The user noted: “Gemini user data is being used for complex phishing attempts”.
I just experienced a very sophisticated crypto phishing attempt from a @Gemini customer information hack/leak.
1) I first received this text message: pic.twitter.com/0UVfHa9q7B
— cfo.btc (@btc_cfo) November 29, 2022
“I just got an email claiming that my Exodus wallet was linked to the Binance exchange from Bermuda (phishing of course). I ONLY use that particular email address at Gemini. I just wanted to post this to see if there was a known breach in the past that I can’t find record of, or if anybody else all of a sudden is having the same problem. When I asked Gemini, they confirmed a breach at a third party vendor. Customer emails and partial phone numbers. When I asked if they were planning on informing users, they said thanks for the feedback,” noted another user on Reddit.
Exchange hacks are nothing new in the crypto space. However, the question arises that despite the crypto industry advancing so much, the big players are still vulnerable to hacks.