Gemini cryptocurrency exchange has issued a warning about phishing operations that are aimed at its users after a threat actor used a third-party vendor hack to get their data. The business emphasised that none of its systems were affected.
The initial revelation on the story came from Bleeping Computer, which saw various offers on hacking forums for a database that purportedly contained the names, addresses, and phone numbers of 5.7 million Gemini subscribers.
The company's advisory also offers security best practises to lessen exposure to phishing attempts.
It is advised for users to use hardware security keys in conjunction with two-factor authentication (2FA) protection to access their accounts.
Source: https://securityaffairs.com/139742/data-breach/5-7m-gemini-users-leak.html
"id": "GEM1944151023",
"linkid": "geminitrust",
"type": "Breach",
"date": "12/2022",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"