
Gemini
What Happened
In late 2022, a hacker posted a data set to a public hacking forum which they alleged was sourced from the Gemini crypto exchange, a claim that was later proven to be false as the data was traced back to an incident at a third-party vendor. The source of the breach was later established as being Twilio, who processed the data of some Gemini customers using their Authy service for 2FA. Twilio described the incident as stemming from a sophisticated social engineering attack designed to steal employee credentials.
Compromised Data
Recommended Actions
Get Aura for identity theft and credit protection. Keep your assets safe with fast fraud alerts, instant credit lock, and $1,000,000 identity theft insurance. Speak to a U.S. based fraud specialist 24/7.
Try AuraUse a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.
Try 1PasswordTake action after a breach — Guardio spots what’s still at risk and blocks phishing scams and new threats before they compromise your data or finances.
Try GuardioBreach Overview
-
Affected Accounts:
5.3 million
-
Breach Occurred:
December 2022
-
Added to HIBP:
16 Dec 2022
-
Attribution:
ZAN @ BF
Recommended Actions
Change Your Password
If you haven't changed your Gemini password since 2022, do so immediately.
Enable Two-Factor Authentication
Add an extra layer of security to your account.
Get Aura for identity theft and credit protection. Keep your assets safe with fast fraud alerts, instant credit lock, and $1,000,000 identity theft insurance. Speak to a U.S. based fraud specialist 24/7.
Try AuraUse a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.
Try 1Password