Gemini says third-party incidents resulted in phishing scam targeting European users

Gemini disclosed incidents attributed to a third party that resulted in a phishing campaign targeting users in the UK and Europe, according to a client email seen by The Block.

Scammers have used emails and websites mimicking Gemini’s branding, with the company saying that it believes the campaigns resulted from two third-party vendor incidents. No account information or systems were impacted, and all customer accounts remain secure.  

“We are aware of two incidents during which bad actors obtained the names, email addresses, and/or truncated (partial) phone numbers of certain Gemini customers from two third-party vendors that we use,” the email noted, going on to say the firm had previously mentioned one of these scams. The exchange said it just recently learned of another one that occurred last fall.

The second incident involved “bad actors” who “phished and tricked” employees of a third-party vendor into providing logins to their platforms. The bad actors used the login credentials to access the names, email addresses, and in some cases, partial phone numbers of some Gemini customers.

“We understand that these incidents may be part of a broader attack on crypto platforms by this group of bad actors,” Gemini said in the email.  The UK Information Commissioner’s Office and the Irish Data Protection Commissioner have been informed.

Gemini did not immediately respond to requests for comment from The Block.