The Gemini exchange has recently become a hot topic among cryptocurrency users due to the data breach it faced.
While the exchange claims that the data breach occurred earlier this month, the cryptocurrency users have their own claims to make.
The users claim that the data breach had occurred much earlier than it was reported by the Gemini exchange.
According to many cryptocurrency users, the entire matter was not handled well by the exchange.
Gemini Reported the Breach on December 14
It was on December 14 when the officials at the Gemini exchange announced that a data breach had occurred. As a result, the hackers were able to steal the sensitive information of Gemini users.
The exchange revealed that more than 5.7 million users from the Gemini exchange had their emails leaked as a result of the hack.
The officials did try explaining that the breach had occurred at the third-party vendor linked with their exchange. Still, the information that the hackers stole was with Gemini in the first place.
Users are coming up with Allegations
Although the Gemini exchange did address the breach, the users are not ready to forget about it that easily. The users have started questioning the security and management of the exchange.
Many users have claimed that the data breach had been carried out by hackers much earlier than established by the Gemini exchange.
Phishing Emails Started to Emerge in November
Many cryptocurrency users, who are also part of the Gemini exchange, have made several claims about the breach.
According to them, the breach had taken place in the month of November. One of the Redditors claimed that he had recovered a phishing email back in November.
The Redditor stated that the email had come in several weeks before the breach was confirmed by the Gemini officials.
A Redditor going by the username u/DaveJonesBones claimed that it was in November when he had received a phishing email. The r/Gemini subreddit has been stormed by users making similar claims.
The users claimed that the email on which they received the phishing emails were made only for Gemini so no other source had them.
Comments by One User
A user who had received a phishing email back in November claimed that the email was promoting an NFT. The email was asking him to opt-in for an NFT drop that was going to take place on OpenSea.
He even mentioned that the email included the name of the NFT, which was “Cyberbroker”. The user reported that he knew it was a phishing email so he deleted it without even reading it.
However, the email was received back in November and now that he remembers it, it was on an email he had given on Gemini only.
Despite setting the email for Gemini, he had opted out of all the marketing emails Gemini asked permission to send him.
Gemini Tried Handling the Situation
Following the post from the user, one of the Gemini representatives on the subreddit replied that the issue was being raised with the security teams.
This poses a huge question mark on the Gemini exchange about its security and the security of its third-party vendors. The exchange failed to establish the exploit on time, which led to so much data being breached.
There is a possibility that the third-party vendor has failed to report the issue to Gemini in time, raising several concerns among the users.
Although the exchange has tried containing the situation by asking users not to fall for the phishing emails, still, some users may fall for them.
This means that they may end up losing their funds and cryptocurrencies to hackers. The incident may come back to haunt Gemini and may force it to rethink its future with the third-party vendor.