Updated on 2022-12-20: Crypto users claim Gemini email leak occurred much earlier than first reported
On 14 Dec, Cointelegraph brought forward revelations about the leak of 5.7 million customer email addresses and partial phone numbers from Gemini crypto exchange. Shortly after, it says multiple users reached out alleging that the leak, which Gemini attributes to a “third-party incident,” happened much earlier than initially understood, with alleged reports of compromised emails appearing as early as October. Reports of users being sent targeted phishing emails had also appeared for weeks prior on the official r/Gemini subreddit. Gemini wrote that “no Gemini account information or systems were impacted as a result of this third-party incident, and all funds and customer accounts remain secure” and warned of “increased phishing campaigns” as a result of the third-party breach.
Overview: Gemini leak
Cryptocurrency portal Gemini has confirmed that the emails of some of its customers was pilfered during a security incident at one of its service providers and that its users are now being targeted with phishing attacks. The stolen data is now being sold on different underground forums. Read more: Hackers leak personal info allegedly stolen from 5.7M Gemini users