The Gemini Customer Data Leak was made available for purchase on hacker forums for 30 BTC

On December 14, 2022, the cryptocurrency exchange Gemini disclosed that some of its customers had been the victim of phishing scams that the company believes were caused by a vendor leak from a third party. In spite of allegations claiming that “5,701,649 lines of information related to Gemini clients” were exposed by Gemini, the company declined to say how many customers were impacted. Additionally, according to Ionut Ilascu, a cybersecurity writer for Bleeping Computer, client information from Gemini's data breach has already been offered for purchase on hacker forums beginning in September 2022.

Leak of Gemini Customer Data Found on Several Hacker Forums

Three days ago, Bitcoin.com News published a story on the cryptocurrency exchange Gemini after learning that a database containing the contact information for 5.7 million Gemini members had been compromised. Zhiyuan Sun, a crypto reporter, reported that he saw records including “5,701,649 lines of information belonging to Gemini consumers.”

In a blog post on December 14, 2022, Gemini addressed the problem and said that a third-party vendor was probably to blame for the breach. The exchange made no mention of the number of compromised client accounts, and Gemini made no mention of which third-party vendor was in charge of the data breach. Ionut Ilascu, a cybersecurity author for Bleeping Computer, wrote a story the day after Gemini's blog post explaining how the company's compromised database has been up for sale since September 2022.

Ilascu claims that the information was for sale and that there were “several posts on a hacker site,” one of which was found by the cybercrime intelligence platform Kela. One individual tried to sell the leak for 30 BTC, which would have been almost $500K at the current bitcoin exchange rate. Ilascu added that the vendor used “a new alias” in October 2022, when the data leak again surfaced on hacker forums.

Midway through November, the information was posted on a hacker website by another user, who claimed that in addition to the Gemini data, additional transactions were also supposedly included in the leak. Before the account was suspended from the forum, the Breachforums post also made a free database offer. The now-banned individual also revealed to forum participants that the database dump left out three digits from sets of client phone numbers.

As a reminder, WikiBit is ready to help you search the qualifications and reputation of projects in a bid to protect you from hidden dangers in this risky industry!

iOS: t.ly/UUCj

Android: t.ly/cfYt