Gemini User Data Allegedly Sold on Dark Web, Over 100,000 Customers Potentially Affected

A cybersecurity threat looms over more than 100,000 Gemini cryptocurrency exchange users as a threat actor, known as "AKM69," reportedly offers personal data for sale on the dark web.

The Dark Web Informer, a cyber threat intelligence platform, shared details in a blog post dated March 27. The user data supposedly obtained by AKM69 includes names, email addresses, phone numbers, and location information.

The alleged database contains approximately 100,000 records, primarily from the United States, with a few linked to users in Singapore and the United Kingdom. Each entry is said to have full names, email addresses, phone numbers, and location data.

Gemini has not issued any public comments regarding the matter. The source of the breach remains unclear, with possibilities including vulnerabilities within Gemini's systems or external factors such as compromised user devices and phishing attacks.

This recent report comes after a similar warning about Binance. A threat actor using the handle "kiki88888" reportedly listed more than 132,700 lines of Binance user data for sale, including emails and passwords.

In the case of the Binance incident, The Dark Informer suggested that the data leak might be due to compromised user devices and advised the public to "stop clicking random stuff."

crypto.news contacted both Gemini and Binance for comment, but neither has responded at the time of writing.

Previously, an anonymous user named "FireBear" claimed to possess access to 12.8 million records stolen from Binance. The database was allegedly comprised of first and last names, email addresses, phone numbers, birthdates, and residential addresses.

However, Binance dismissed these claims, asserting that an internal investigation found no evidence of the data leak originating from its platform.

In November, Nigerian cryptocurrency exchange Bitnob reportedly exposed over 250,000 Know Your Customer (KYC) documents due to a misconfigured Amazon Web Services (AWS) storage bucket, which left sensitive user data publicly accessible.

These incidents are not exclusive to crypto exchanges. In December, hackers compromised the personal data of over 58,000 customers of US-based Bitcoin ATM operator Byte Federal.

A month later, cybersecurity firm SlowMist cautioned that over 7 million OpenSea user email addresses, initially compromised in a June 2022 breach, had been made fully public, increasing the risk of phishing attacks for users.