"Not handled well." This was how one user described the revelations brought forth by Cointelegraph on Dec. 14 regarding the leak of 5.7 million Gemini customers’ email addresses and partial phone numbers. Shortly after publication, multiple users reached out to Cointelegraph alleging that the leak, which Gemini attributes to a “third-party incident,” happened much earlier than initially understoo.
Mysterious reports of users receiving targeted phishing emails began surfacing on the official r/Gemini subreddit in the weeks prior. In one thread dating back to November, Redditor u/DaveJonesBones claimed that the received a targeted phishing email from an address that was only registered on Gemini:
To which a Gemini representative responded:
In another thread titled “Gemini is compromised. Gemini user data is being used for complex phishing attempts” from two weeks prior, u/Exit_127 claimed they received a phishing email from a MetaMask imposter regarding the need to “sync my wallet due to the merge.” The user also claimed that “I use email aliases so each online account has a specific email linked to it. This phishing attempt went to the email used by and only by my Gemini account.”
I just experienced a very sophisticated crypto phishing attempt from a @Gemini customer information hack/leak.1) I first received this text message: pic.twitter.com/0UVfHa9q7B
A similar thread by u/Opfu the prior week claimed that Gemini was already aware of the breach. As told by u/Opfu:
Another user responded:
In an official statement, Gemini wrote that “no Gemini account information or systems were impacted as a result of this third-party incident, and all funds and customer accounts remain secure.” It also warned of “increased phishing campaigns”
Read more on cointelegraph.com