Gemini, the cryptocurrency exchange founded by the Winklevoss twins, published a blog post this week warning about phishing campaigns targeting its customers. These phishing campaigns are likely related to a previously undisclosed data breach that exposed the email addresses of the exchange’s 5.7 million customers. Gemini states that this security incident occurred at a third-party vendor, not the exchange itself. The blog post aims to reassure customers by clarifying that this incident did not impact “Gemini account information or systems” and that “all funds and customer accounts remain secure.” The third-party vendor that suffered a data breach has yet to be named. Cybercriminals have attempted to sell the database multiple times on hacker forums, but have not provided many details in their posts. The stolen database first appeared for sale back in September, with the seller asking for thirty Bitcoin (~$670K at Bitcoin’s height that month) in exchange for a list of Gemini customers’ emails and partial phone numbers. The database was listed for sale two more times under different usernames, once in October and once in November.
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.