Gemini, a leading cryptocurrency exchange and custodian, has disclosed a security incident affecting its banking partner, potentially exposing sensitive banking information of some customers. The breach was identified after an unauthorized actor accessed an internal collaboration tool used by the banking partner's service provider.
The incident, which occurred between June 3 and June 7, 2024, compromised certain transactional data including customers' names, bank account numbers, and routing numbers. However, more sensitive information such as social security numbers, email addresses, and Gemini account details were not affected.
Gemini notified customers via email about the breach on June 25, 2024. The email, forwarded to U.S. authorities yesterday, marking the disclosure of the incident, explained that the breach was confined to the third-party ACH banking partner's system. The unauthorized access involved unauthorized access to an internal tool leading to potential data exposure.
Upon discovering the breach, the banking partner swiftly initiated an investigation, involving external forensic experts and notifying law enforcement. The ongoing investigation aims to determine the full extent of the breach and to implement measures to prevent future incidents.
Impact on Gemini clients
Gemini, established in 2014 by the Winklevoss twins, serves a broad user base, including both individual investors and institutional clients. Known for its stringent security measures and regulatory compliance, Gemini has built a reputation as a trusted platform in the cryptocurrency space. The company boasts over 13 million users globally, highlighting the significance of any security incident involving its infrastructure or partners.
In light of the breach, Gemini has urged affected users to take specific actions to safeguard their accounts:
- Contact their bank to inquire about protective measures, including obtaining a new account number.
- Enable Multi-Factor Authentication on their bank accounts.
- Monitor account statements closely and report any unauthorized activities.
- Remain vigilant against potential scams exploiting the compromised data.
Additionally, Gemini provided detailed steps for users to further protect their information, including obtaining and monitoring credit reports, placing fraud alerts, and considering security freezes on credit files. Users were advised to report any suspicious activity to law enforcement and the Federal Trade Commission (FTC).
North Korean Hacker Charged for Ransomware Attacks on U.S. Hospitals
Leave a Reply