"Hackers Leak Personal Info Allegedly Stolen From 5.7M Gemini Users"

Customers of the Gemini cryptocurrency exchange have been targeted in phishing operations after a threat actor obtained their personal information from a third-party vendor. The news comes after various posts on hacker sites attempted to sell a database allegedly from Gemini, which includes phone numbers and email addresses belonging to 5.7 million of the exchange's members. The Gemini product security team issued an alert stating that an unknown third-party vendor experienced an incident that allowed an unauthorized actor to gather email addresses and partial phone numbers belonging to some Gemini customers. The cryptocurrency exchange's customers received phishing emails because of the incident. The attacker's goal has not been revealed, although such access to accounts and financial information is normally what threat actors seek. Gemini emphasizes that account information and systems have not been compromised, and that funds and customer accounts "remain secure." In September, there was an early attempt to monetize the database. The author did not specify how current the information was, but they did request 30 bitcoins. Another post was made in October under a different alias, stating that the data was from September. In mid-November, another post under a different account surfaced, offering databases from various cryptocurrency exchanges, including one from Gemini that allegedly had the same type of information for millions of customers. This article continues to discuss the exposure of 5.7 million Gemini users' personal information due to the third-party incident. 

Bleeping Computer reports "Hackers Leak Personal Info Allegedly Stolen From 5.7M Gemini Users"