- Gemini has warned that 15,000 customers may have been affected by a data breach from a cyberattack on its ACH service provider
- The exchange has emailed customers about the security incident, which dates back to early June
- Names, bank account, and routing numbers may have been compromised, but no other personal information has been stolen
Gemini has warned that 15,000 of its customers may have been affected by a data breach stemming from a cyberattack on its Automated Clearing House (ACH) service provider. The name of the compromised vendor has not been revealed, but Gemini has been emailing customers over the past few days warning them of a “ security incident” involving a service provider of its ACH, dating back to early June. The exchange warned that names and bank account and routing numbers may have been collected, but no other personally identifiable information is thought to have been stolen.
Names and Banking Details Stolen
Gemini first began notifying affected individuals about the breach on June 26, with further details submitted to the California Attorney General’s Office yesterday. The breach occurred between June 3 and June 7, 2024, when an unauthorized actor infiltrated the vendor’s systems.
The compromised data includes customers’ full names, bank account numbers, and routing numbers—information crucial for ACH fund transfers—but Gemini has assured that other sensitive information, such as dates of birth, physical addresses, social security numbers, email addresses, phone numbers, usernames, and passwords, were not stored on the vendor’s systems and thus remained secure.
An investigation, supported by external cybersecurity experts, is currently ongoing, and the breach has been contained. Despite this, Gemini advises affected individuals to stay vigilant for any suspicious communications and potential fraud attempts.
To mitigate risks, Gemini has urged customers to enable multi-factor authentication on their bank accounts linked to the exchange as well as contact their banks to request additional security measures or new account numbers. Any detected unauthorized activities should be reported to their financial institutions immediately.
Additionally, Gemini recommends that affected customers place fraud alerts or security freezes on their credit reports to further protect against identity theft. However, the company has not provided identity theft protection services to those impacted by this incident.
Second Time Round for Gemini
In a statement to BleepingComputer, Gemini disclosed that approximately 15,000 customers were affected by the breach, noting that it “notified the customers involved out of an abundance of caution” even though its analysis found “no evidence of customer impact.”
This breach is not the first for Gemini. In 2022, a third-party vendor’s security lapse exposed the contact details, including email addresses and phone numbers, of 5.7 million users. The stolen database was subsequently sold on the dark web and later leaked on hacking forums.
