Gemini
What was exposed
Email addressesPartial phone numbers
What to do if you were affected
- Expect more phishing and spam at this address. Treat messages that reference this company with extra caution.
- Watch for text-message phishing and SIM-swap attempts on your phone number.
Details
In late 2022, a hacker posted a data set to a public hacking forum which they alleged was sourced from the Gemini crypto exchange , a claim that was later proven to be false as the data was traced back to an incident at a third-party vendor . The source of the breach was later established as being Twilio, who processed the data of some Gemini customers using their Authy service for 2FA. Twilio described the incident as stemming from a sophisticated social engineering attack designed to steal employee credentials .
Frequently asked questions
What is the Gemini data breach?
In late 2022, a hacker posted a data set to a public hacking forum which they alleged was sourced from the Gemini crypto exchange , a claim that was later proven to be false as the data was traced back to an incident at a third-party vendor . The source of...
When did the data breach happen?
This data breach occurred around December 2022.
How many accounts were affected?
Around 5,274,214 accounts were affected.
What information was exposed?
Exposed data included Email addresses and Partial phone numbers.
What should I do if I was affected?
Expect more phishing and spam at this address. Treat messages that reference this company with extra caution. Watch for text-message phishing and SIM-swap attempts on your phone number.
Related breaches