Centralized exchange Gemini lost almost 6M of its customers' email addresses and partial phone numbers. According to Gemini, no user funds or Gemini systems were impacted.
Apparently, a third-party vendor hired by Gemini lost the data. The emails are complete, and the phone numbers are in this format: "612-xxx-2388." So, if you're a Gemini customer using SMS for two-factor authentication (2FA), you may want to get an authenticator app.
BleepingComputer says the Gemini breach data has been for sale on the dark web since September 2022, but the thief wanted 30 BTC in exchange for it, and it doesn't seem like anyone bought it. Now the breach data is free to download, and scammers are putting it to work.
We're only hearing about this breach from Gemini now because affected users are dealing with a lot of phishing attacks.
Mo Vendors, Mo Problems for Gemini
Gemini isn't a public company, but it's US-based and considered to be among the “trustworthy” centralized exchanges. So what's with all these bad third-party vendors? First, Genesis's collapse forced the shutdown of Gemini Earn (with about $900M of customer crypto stuck in limbo). Now, an unnamed third-party vendor loses almost 6M customer records and people are getting phished.
It's pretty bad that Gemini lost the partial phone numbers, because many users still log into Gemini using just an email, password, and SMS for 2FA. Given a person's email and 7 digits of his phone number, I bet a hacker could figure out the entire phone number and try a SIM swap.
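The authenticator-app alternative recommended above works differently from SMS: the second factor is a secret shared between the server and the user's device at enrollment, and the phone number never enters the picture, so neither a leaked partial number nor a SIM swap helps an attacker. The following is an added example, not code from Gemini or from the original post, of an RFC 6238 TOTP generator and a server-side verifier. The secret it uses is the published RFC 4226/6238 test-vector key ("12345678901234567890" in base32), used here only so the output is reproducible.

```python
import base64
import hashlib
import hmac
import struct
import time

# RFC 4226/6238 published test-vector secret, base32-encoded as an
# authenticator app would import it from an enrollment QR code.
# Any real deployment generates a fresh random secret per user.
RFC_TEST_SECRET_B32 = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
STEP = 30      # RFC 6238 time step in seconds
DIGITS = 6     # code length most authenticator apps display
DRIFT = 1      # accept +/- one time step of clock skew between device and server


def hotp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, dynamically truncated."""
    msg = struct.pack(">Q", counter)
    mac = hmac.new(secret, msg, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret_b32: str, at: int, step: int = STEP) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from Unix time."""
    secret = base64.b32decode(secret_b32.upper())
    return hotp(secret, at // step)


def verify_totp(secret_b32: str, submitted: str, at: int, drift: int = DRIFT) -> bool:
    """Server-side check. Only the shared secret and the clock are involved;
    no phone number, carrier or SMS delivery path exists to be hijacked."""
    secret = base64.b32decode(secret_b32.upper())
    counter = at // STEP
    for delta in range(-drift, drift + 1):
        # constant-time compare so a timing side channel can't leak the expected code
        if hmac.compare_digest(hotp(secret, counter + delta), submitted):
            return True
    return False


if __name__ == "__main__":
    now = int(time.time())
    code = totp(RFC_TEST_SECRET_B32, now)
    print("current code:", code, "verifies:", verify_totp(RFC_TEST_SECRET_B32, code, now))
```

With the RFC test key, `totp(RFC_TEST_SECRET_B32, 59)` yields "287082", matching the RFC 6238 SHA-1 vector for T=59. The drift window is the one operational knob worth thinking about: widening it tolerates clock skew but also widens the window in which a phished code stays valid, which is why a server should additionally refuse to accept the same code twice.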
Gemini hasn’t announced how many customers lost funds due to phishing attacks stemming from this data breach.