More than 100,000 users of the cryptocurrency exchange Gemini could be compromised following reports that a malicious actor has allegedly put a substantial amount of personal user information, such as names, email addresses, phone numbers, and locations, up for sale on the dark web.
A blog post dated March 27 from a cyber threat intelligence platform reveals that a user under the alias “AKM69” claims to have acquired a large database of Gemini user information.
The publication indicates that the database consists of approximately 100,000 user records, primarily from the United States, with a few associated with individuals in Singapore and the UK. Each record is said to contain complete names, email addresses, phone numbers, and geographical data.
Gemini has yet to issue a public statement concerning the situation. It remains uncertain whether the data breach originated from Gemini’s systems or through external vulnerabilities such as compromised user devices or phishing schemes.
This recent report follows a similar alert regarding Binance released a day prior. Another cybercriminal, known as “kiki88888,” has allegedly put up more than 132,700 lines of data related to Binance users for sale, including email addresses and passwords.
In connection with the Binance breach, it was suggested that the data leak might stem from compromised user devices, with a cautionary message to the public to “stop clicking random stuff.”
Attempts to contact both Gemini and Binance for comment have gone unanswered as of this writing.
For Binance, this isn’t the first instance where criminals have threatened to release stolen credentials. In September, an anonymous individual identifying as “FireBear” claimed to possess access to 12.8 million records stolen from the exchange and attempted to sell them on similar dark web forums.
This database purportedly included first and last names, email addresses, phone numbers, birthdates, and home addresses.
In response, Binance denied the allegations, asserting that an internal security investigation found no evidence linking the data breach to its platform.
Last November, it was reported that Nigerian crypto exchange Bitnob had inadvertently exposed over 250,000 KYC documents due to a misconfigured Amazon Web Services (AWS) storage bucket, allowing sensitive user data to be publicly accessible.
Such data breaches have not been exclusive to cryptocurrency exchanges. In December of that year, hackers compromised the personal information of over 58,000 customers from a US-based Bitcoin ATM operator, Byte Federal.
Additionally, in January, SlowMist warned that over 7 million email addresses of OpenSea users, initially compromised in a breach back in June 2022, had been fully exposed, putting users at further risk for phishing attempts.