A third-part vendor related to Gemini appeared to have suffered a data breach on or before Dec. 13. According to documents obtained by Cointelegraph, hackers gained access to 5,701,649 lines of information pertaining to Gemini customers’ email addresses and partial phone numbers. In the case of the latter, hackers apparently did not gain access to the full phone numbers, as certain numeric digits were obfuscated. After the news came to light, Gemini has since clarified in a blog post that the breach appeared to be "result of an incident at a third-party vendor" but also warned of ongoing "phishing campaigns" as a result of the data leak.
Related: Crypto users claim Gemini email leak occurred much earlier than first reported
The leaked database did not include sensitive personal information such as names, addresses and other Know Your Customer information. In addition, some emails were repeated in the document; thus, the number of customers affected is likely lower than the total rows of information. Gemini currently has 13 million active users. Regarding the incident, Gemini has issued the following statement:
"Some Gemini customers have recently been the target of phishing campaigns that we believe are the result of an incident at a third-party vendor. This incident led to the collection of Gemini customer email addresses and partial phone numbers. No Gemini account information or systems were impacted as a result of this third-party incident, and all funds and customer accounts remain secure."
Security breaches in the Web3 industry, even if mild in nature, can have serious consequences. One such incident took place in April this year and involved cryptocurrency hardware wallet manufacturer Trezor. Hackers gained access to Trezor users’ email addresses by breaching a third-party newsletter provider and then utilized the information to target users in a phishing scam, leading to losses.
The Gemini exchange also went briefly offline during the day after issues surrounding the data leak were brought to light. The exchange is fully functional at the time of publication.
Update Dec. 14 5:30 pm UTC: Added comments and explanation of events from Gemini.
Update Dec. 14 5:40 pm UTC: Added clarifications on the nature of the incident after receiving confirmation on third-party data vendor involvement.
Update Dec. 14 5:45 pm UTC: Added the exchange's temporary outage incident on the same day.
Update Dec. 15 6:15 pm UTC: Gemini has since clarified that no account numbers were breached as a result of the incident.
Update Dec. 15 7:30 pm UTC: Added links to related story "Crypto users claim Gemini email leak occurred much earlier than first reported"