Malware
Gemini Crypto Exchange Reveals Potentially Devastating Third-Party Data Breach
Gemini, a popular cryptocurrency exchange platform, has disclosed a third-party data breach. The incident affects a small percentage of users whose non-financial information was compromised. Gemini assured users that no funds were lost and has implemented additional security measures to prevent future incidents.
Picture this: you’re a customer of Gemini, a popular cryptocurrency exchange, and one day you receive a notice informing you that your banking information has been compromised due to a cyberattack on their systems. Yikes, right? Well, that’s exactly what happened to some of Gemini’s customers recently.
What went down with Gemini?
Gemini alerted its customers about a data breach incident that occurred because of a cyberattack on their Automated Clearing House (ACH) service provider, whose name was not disclosed. This happened a month ago, on June 26, 2024, but they submitted a sample of the letters just yesterday to the Attorney General’s Office in California.
An unauthorized actor breached Gemini’s vendor’s systems between June 3 and June 7, 2024, affecting some customers’ banking information, including their full name, bank account number, and routing number, which Gemini used for ACH fund transfers.
Fortunately, no other information like date of birth, physical address, social security number, email address, phone number, username, or password was hosted on the service provider’s systems and were not compromised.
What’s being done about it?
The data breach incident is now contained, and an investigation with the help of external experts is underway. But as of now, no other information has been made available.
Those affected by the breach have been advised to remain vigilant about incoming communications and look for signs of fraud using their exposed information. They are also encouraged to enable multi-factor authentication on their bank accounts, contact their banks for additional protection measures, or request a new account number.
If any suspicious or unauthorized activity is detected on impacted bank accounts, it should be reported to the banks immediately. Gemini also recommends placing fraud alerts or security freezes on credit reports, but they have not offered any identity theft protection services to the impacted individuals.
How many people are affected?
Gemini shared a statement after publishing, saying that 15,000 people were impacted by the incident. They stated, “The incident at a third party involved information of approximately 15K Gemini customers. Although we notified the customers involved out of an abundance of caution, our analysis found no evidence of customer impact.”
This isn’t the first time Gemini has suffered a data breach. Back in 2022, a third-party vendor exposed the contact details, including email addresses and phone numbers, of 5.7 million of its users. The stolen database was offered for sale on the dark web and later leaked for free on hacking forums.
What can we learn from this?
Data breaches like this are a stark reminder of the importance of cybersecurity. Whether you’re a business owner or an individual, it’s crucial to stay vigilant and take the necessary precautions to protect your sensitive information.
Remember: enable multi-factor authentication on your accounts, monitor your financial activity, and stay informed about potential threats. And, if you ever need assistance with cybersecurity, don’t hesitate to reach out to us at IT Services. We’re here to help you stay safe in the digital world.
Keep coming back to learn more about cybersecurity, and let’s work together to protect your data, your business, and your peace of mind.