Gemini crypto exchange warned users of an ongoing phishing campaign, after a third-party vendor suffered a security breach. The notification comes after multiple posts on hacker forums seen by BleepingComputer offered to sell a database allegedly from Gemini, containing email addresses and partial phone numbers of 5.7 million users. The company pointed out that its systems were not impacted and customer accounts remain secure.
As a result of the breach, customers of the crypto exchange received phishing emails.
The database appeared to be available for sale since September 2022, when a seller was offering it for 30 bitcoins, or roughly $500,000.
Gemini advised its customers to rely on strong authentication methods and recommended activating two-factor authentication (2FA) protection and/or using of hardware security keys to access their accounts.
Read more about it here.