Gemini crypto exchange reports third party data breach

Gemini, a cryptocurrency exchange, has reported a data breach incident due to a cyberattack on its Automated Clearing House (ACH) service provider.

The incident, occurred between June 3 and June 7, 2024 andinvolved unauthorized access to certain customers' banking information. The breach compromised:

• Full names
• Bank account numbers
• Routing numbers

The service provider's systems did not host other sensitive information. The number of affected individuals are not disclosed.

Update - as of 6th of August 2024, it's reported that the breach affected at least 15,000 customers

Gemini began notifying affected individuals on June 26, 2024, and submitted sample notification letters to the California Attorney General's Office on July 25, 2024. The breach is currently contained, and an investigation with external experts is ongoing.

Gemini suggests placing fraud alerts or security freezes on credit reports but has not provided identity theft protection services to those impacted. Affected customers are advised to be cautious of potential fraudulent communications, enable multi-factor authentication on their bank accounts and report any suspicious or unauthorized activity on their bank accounts immediately.