Gemini data breach: 5.7 million user data hacked at bitcoin exchange
The Bitcoin exchange Gemini is faced with a data breach in which, according to consistent media reports, around 5.7 million user data were affected. Initially, the stock exchange had not yet commented on this topic. The breach is said to have occurred on or shortly before Wednesday (December 13) in one of the exchange’s databases. The hackers reportedly gained access to a whopping 5,701,649 lines of data about customer account numbers, email addresses, and some phone numbers.
Only later: Gemini confirms data breach
However, sources report that the breached database did not contain sensitive personal information such as names, social security numbers, addresses or other ” know your customer “ information. In addition, the number of customers affected is likely to be less than the total number of leaked data. Because some emails kept appearing in the document. Gemini currently has 13 million active users.
In the company’s own blog , Gemini only confirmed afterwards – on Thursday (December 14) – the data breach that had taken place:
Some Gemini customers have recently been the target of phishing campaigns that we believe may be due to a third-party incident. This incident allowed email addresses and some phone numbers to be collected from Gemini customers. No Gemini account information or systems were compromised as a result of this third party incident. And all funds and customer accounts remain safe.
Similar Trezor hack earlier this year
Security breaches in the Web3 industry can have serious consequences, even if they are minor. One such incident happened in April this spring. Cryptocurrency hardware wallet maker Trezor had uncovered security vulnerabilities. The hackers gained access to Trezor users’ email addresses by infiltrating a third-party newsletter provider. They then used this information to target users with a phishing scam, resulting in losses.
In the ongoing attack, several Trezor users were contacted by unauthorized actors posing as a company. Their main goal was to steal money by misleading unwary investors. As part of the attack, users received an email that an application was downloaded from the “trezor.us” domain, which is different from the official Trezor domain “trezor.io”.