This week, Gemini Crypto Exchange said that phishing attacks were launched against customers after a threat actor obtained personal information from a third-party vendor.
The Gemini product security team issued a brief notice announcing that an unidentified third-party vendor had suffered an “incident” that allowed an unauthorized actor to collect email addresses and incomplete phone numbers belonging to some Gemini customers. This ensures the security of funds as well as account data.
Customers of the crypto exchange received phishing emails as a result of the breach. Although the attacker’s objective has not been made public, threat actors typically seek such account and financial information access.
In its short report, Gemini underlines that account data and its frameworks have not been affected and that assets and client accounts “stay secure.”
Several posts on a hacker forum offer to sell a Gemini-like database that contains the phone numbers and email addresses of 5.7 million users. The notification comes in response to these posts.
In September, an initial attempt to monetize the database was made. The author requested 30 bitcoins, or approximately $520,000 at the current exchange rate, but did not specify how recent the information was.
Another post from a different alias was published in October, claiming to be from September.
Midway through November, a second post with a different username, which is now banned on the forum, offered databases from several cryptocurrency exchanges, including one from Gemini that supposedly contained the same type of information for 5.7 million users.
As yet another announcement offering the data for free appeared on a different forum, it appears that none of the attempts to monetize the database were successful.
The phone number format was shared by the post’s author, who noted that the three digits in the middle were missing.
Gemini encourages its clients to depend major areas of strength for on strategies and suggests initiating two-factor verification (2FA) insurance or potentially the utilization of equipment security keys to get to their records.
Additionally, the company provides the necessary instructions for changing the Gemini account’s email address.