Crypto users claim Gemini email leak occurred much earlier than first reported

Published at: Dec. 14, 2022

"Not handled well," was how one user described the revelations brought forth by Cointelegraph on Dec. 14 with regard to a leak of 5.7 million Gemini customers' email addresses and partial phone numbers. Shortly after publication, multiple users reached out to Cointelegraph, alleging that the leak, which Gemini attributes to a "third-party incident," happened much earlier than first expected. 

Mysterious reports of users receiving targeted phishing emails began surfacing on the official r/Gemini Subreddit in the weeks prior. In one thread dating back to November, user DaveJonesBones claimed that he received a targeted phishing email from an address that was only registered on Gemini:

"It promoted a Cyberbroker NFT drop using Opensea branding. I think I also received one last month, but I deleted it without reading it. Today, I got the hump because I'd specifically opted-out to all marketing emails from Gemini."

To which a Gemini representative responded:

"Reporting this to our security team. Thank you for letting us know."

In another thread titled "Gemini is compromised. Gemini user data is being used for complex phishing attempts" from two weeks prior, user Exit_127 claimed he received a phishing email from a Metamask imposter regarding the need to "sync my wallet due to the merge." The user also claimed that "I use email aliases so each online account has a specific email linked to it. This phishing attempt went to the email used by and only by my Gemini account."

A similar thread by user opfu from the prior week claimed that Gemini was already aware of the breach. As told by opfu: 

"I just got an email claiming that my Exodus wallet was linked to the Binance exchange from Bermuda (phishing of course). I ONLY use that particular email address at Gemini. When I asked Gemini, they confirmed a breach at a third-party vendor. Customer emails and partial phone numbers. When I asked if they were planning on informing users, they said thanks for the feedback."

Another user responded:

"The same thing happened to me as well. The email was definitely a phishing attempt. I was so confused how Exodus got my Gemini email address as well, so knew there must have been some compromised at some point…"

Gemini's wrote in its official statement that "No Gemini account information or systems were impacted as a result of this third-party incident, and all funds and customer accounts remain secure." It also warned of "increased phishing campaigns" as a result of the third-party breach. The blog post did not mention the date of the security incident. Prior to publication, Cointelegraph reached out to a Gemini spokesperson who declined to comment on the matter.

Tags
Related Posts
IRA Financial Trust to sue Gemini over $36M crypto assets exploit back in February
On Monday, IRA Financial Trust, a platform providing self-directed digital asset retirement and pension accounts, filed a lawsuit against cryptocurrency exchange Gemini for alleged negligence in safeguarding customers' digital assets during a critical exploit. The firm's client accounts were held in Gemini's custody. On February 8, a breach led to the siphoning of $36 million in crypto assets from customers' accounts via unauthorized withdrawals. Since then, both companies have blamed each other for being responsible for the loss of funds. To complicate matters, an allegedly fake 911 call coincided with the time of the hack that distracted many of IRA …
Blockchain / June 6, 2022
‘DeFi done right’: Layer-one protocol launches mainnet
A decentralized finance protocol has launched its mainnet — describing it as a crucial step on the journey to a frictionless financial future. Radix, which describes itself as a platform for smart money, is also launching Instapass with its Olympia mainnet — an optional user and developer service that delivers the world’s first single sign-on solution for building compliant DeFi. The Radix mainnet is being positioned as a generational improvement in the history of decentralized ledger computing — and one that delivers 100 times more executional efficiency than the Ethereum Virtual Machine. This comes hot on the heels of the …
Decentralization / July 29, 2021
Rick and Morty crypto art sells for $150,000 on Gemini-owned platform
A crypto art piece by Justin Roiland, co-creator of the famous animated series Rick and Morty, has sold for a handsome price on non-fungible token marketplace Nifty Gateway. Dubbed “The First Ever Edition Of Rick And Morty Cryptoart,” the tokenized artwork was sold at silent auction for $150,000. Nifty Gateway announced the news on Twitter on Jan. 19. SILENT AUCTION RESULT "First Rick and Morty Crypto Art" by @JustinRoiland WINNING BID: $150,000 1. blanK Congrats to the winner and to @JustinRoiland! Last 2 silent auctions have 5 minutes remaining. pic.twitter.com/M7k7PzlIRp — Nifty Gateway (@niftygateway) January 20, 2021 The newly sold …
Artists / Jan. 20, 2021
Nifty Gateway co-founders resign amid Gemini woes
In a Twitter thread posted on Jan. 25, Duncan Cock Foster and Griffin Cock Foster, co-founders of nonfungible token (NFT) auction platform Nifty Gateway, announced their resignations effective immediately. In supporting the decision, Duncan said they were leaving because “Griffin and I are founders at heart, and we want to start another company.” “When @Gemini acquired NG in 2019, Griffin and I said if everything went amazing and we loved it, we would stay for 4 years before starting another company. We ended up staying the max amount of time we originally thought possible, which shows how great this experience …
Blockchain / Jan. 25, 2023
BitKeep remains on track to fully compensate victims of $8M APK exploit
According to an official Telegram statement on March 1, Singaporean cross-chain crypto wallet developer BitKeep says it has reimbursed 50% of user assets lost during a security breach stemming from Dec. 26, 2022. On the date of the incident, an estimated $8 million was stolen by hackers after BitKeep's APK 7.2.9 (Android Package Kit) installation package was hijacked and swapped. Users who downloaded the malware subsequently saw their private keys compromised, leading to the theft of assets. As told by BitKeep, a total of 6,731 verified addresses were breached during the incident. The firm has since completed reimbursing 50% of …
Blockchain / March 2, 2023