A Gemini-related third-party vendor is reported to have had a data breach on or before December 13. Hackers reportedly gained access to 5,701,649 email addresses and partial phone numbers belonging to Gemini clients.
Gemini confirmed in a blog post that the breach resulted from an incident at a third-party vendor and warned of ongoing phishing campaigns due to the data exposure.
The data compromised did not contain sensitive personal information such as names, addresses, or other Know Your Customer data. Some emails were duplicated in the document; hence, the number of impacted users is likely less than the total number of rows. Gemini has 13 million active users at present.
Even minor security vulnerabilities in the Web3 business might have severe repercussions. In April this year, a similar issue involving crypto hardware wallet company Trezor crossed up. Hackers accessed Trezor users’ email addresses by hacking a third-party newsletter provider, which they used to target victims in a phishing scheme, resulting in losses.
The Gemini exchange fell unavailable for a brief period during the day due to data breach concerns. At the time of writing, the exchange platform is fully operational.