November 8, 2024

Rise To Thrive

Investing guide, latest news & videos!

Gemini Customer Data Leak Was Advertised for Sale on Hacker Forums for 30 BTC in September – Bitcoin News

3 min read
Gemini Customer Data Leak Was Advertised for Sale on Hacker Forums for 30 BTC in September – Bitcoin News

On Dec. 14, 2022, the crypto exchange Gemini revealed that some Gemini customers have been the target of phishing attacks that the firm believes stem from a third-party vendor leak. While reports disclosed that Gemini’s leak was approximately “5,701,649 lines of information pertaining to Gemini customers,” Gemini did not disclose how many customers were affected by the breach. Moreover, according to Bleeping Computer’s cybersecurity author, Ionut Ilascu, data from Gemini’s customer info leak has been advertised for sale on hacker forums as early as Sept. 2022.

Gemini Customer Data Leak Discovered on Multiple Hacker Forums

Three days ago, Bitcoin.com News reported on the crypto exchange Gemini after it was discovered that a database that contains phone numbers and email addresses of 5.7 million Gemini users was leaked. The crypto reporter Zhiyuan Sun detailed that he witnessed documentation that had shown “5,701,649 lines of information pertaining to Gemini customers.”

Gemini addressed the issue on Dec. 14, 2022, in a blog post and it explained that the breach likely derived from a third-party vendor. The exchange did not explain how many customer accounts were affected and Gemini did not detail which third-party vendor was responsible for the data breach. The following day, after Gemini’s blog post published, Bleeping Computer’s cybersecurity author, Ionut Ilascu, published an article that explained Gemini’s leaked database has been advertised for sale since Sept. 2022.

Ilascu says there were “multiple posts on a hacker forum” that had shown the leak was for sale, with one discovered by the cybercrime intelligence platform Kela. One user attempted to sell the leak for 30 BTC or roughly $500K using today’s bitcoin exchange rates. Ilascu further disclosed that the data leak also showed up on hacker forums in Oct. 2022, when the seller leveraged “a different alias.”

Another person shared the info in mid-November on a hacker site and this particular post said that not only did the leak contain Gemini data, but allegedly other exchanges were included. The post published on Breachforums also offered the database for free before the account was banned from the forum. The now-banned user also told forum users that three digits from the sets of customer phone numbers were missing from the database leak.

Tags in this story
3rd Party, 5.7 Million customers, Bleeping Computer, Crypto Exchange Gemini, cybersecurity, cybersecurity author, Database for sale, Database Leak, Exploit, For Sale, Gemini Exchange, Gemini Leak, Hackers, Hacking Forums, KELA, Leak, Leak Sale, Security Report, third-party vendor

What do you think about the Gemini data leak being advertised on hacker forums in September? Let us know what you think about this subject in the comments section below.

Jamie Redman

Jamie Redman is the News Lead at Bitcoin.com News and a financial tech journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He has a passion for Bitcoin, open-source code, and decentralized applications. Since September 2015, Redman has written more than 6,000 articles for Bitcoin.com News about the disruptive protocols emerging today.




Image Credits: Shutterstock, Pixabay, Wiki Commons

Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.

Read disclaimer