
The cryptocurrency exchange Gemini, has disclosed a data breach after a threat actor obtained the clients’ data from a third-party vendor, they became the victim of phishing attacks.
Numerous posts on hacker forums updated that databases allegedly from Gemini containing email addresses, phone numbers, and other personal data of 5.7 million users.
The cryptocurrency exchange platform’s customers got phishing emails because of the incident. The attacker’s intentions are unknown. Gemini underlined in its report that account information and its systems have not been impacted following the breach and that funds and customer accounts remain secure.
Several posts on a hacker site offering to sell a database that purportedly belonged to Gemini and contained the contact information for 5.7 million members.
The first attempt to monetize the database was in September when a threat actor asked for 30 bitcoins. Another post was released in October using a new account and claimed that the information was from September.
Midway through November, another post under a different account offered databases from various cryptocurrency exchanges, including one from Gemini that had the same information for 5.7 million members. It appears that none of the attempts to monetize the database was successful.
Gemini recommends its customers to activate MFA protection, or use hardware security keys to access their accounts to keep them more secure from other potential attacks.