Cryptocurrency exchange Gemini has disclosed a data breach incident caused by a cyberattack on its Automated Clearing House (ACH) service provider. The breach, which occurred between June 3 and June 7, 2024, has resulted in the exposure of customers’ banking information, including names, account numbers, and routing numbers.
Don't miss out on more posts like this—subscribe now!
Details of the Breach
Gemini Trust Company, LLC, a prominent cryptocurrency exchange, filed a notice of the data breach with the Attorney General of California on July 24, 2024. According to BleepingComputer, the breach was discovered after an unauthorized actor gained access to an internal collaboration tool on the bank partner’s system, leading to the exposure of sensitive consumer data.
The compromised information includes customers’ full names, bank account numbers, and routing numbers, which Gemini used for ACH fund transfers. Fortunately, no sensitive information such as social security numbers, email addresses, or passwords was compromised.
Response and Mitigation
Upon discovering the breach, Gemini promptly initiated an investigation to determine the extent of the compromised data and identify the affected customers. The company has since sent out data breach notification letters to all individuals whose information was impacted by the incident.
Gemini has assured its customers that it is taking all necessary measures to enhance its security protocols and prevent future breaches. The company is also offering support to affected customers, including guidance on how to protect themselves from potential fraud or identity theft.
Source: