Gemini Data Breach
Gemini Cryptocurrency Exchange Breach (2022): 5.3 Million Customer Email & Phone Records Exposed via Third-Party Vendor
Cryptocurrency exchange and financial platform.
Risk Interpretation
Severe risk. Exposure enables asset-targeted phishing, account takeover, financial fraud, extortion, and physical-world targeting of likely high-value crypto holders.
Impact & Downstream Threats
In December 2022 a dataset of approximately 5.3 million Gemini customer email addresses and partial phone numbers surfaced on cybercrime forums. Gemini confirmed the exposure but attributed it to a breach at a third-party vendor — later identified as Genesis Digital — rather than a compromise of Gemini's own systems. The affected data was limited to contact information. No wallet credentials, trading activity, or financial data was exposed. Gemini notified affected customers and reported the inc
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
Threat Vectors
Breach Intelligence
Executive Summary
Gemini, a U.S.-based cryptocurrency exchange, had the contact information of approximately 5.3 million customers exposed after a dataset surfaced on cybercrime forums in December 2022. The breach did not originate from Gemini's own systems. Instead, attackers used social engineering to compromise employees at Twilio's Authy service, a two-factor authentication provider used by Gemini, and extracted customer data through that supply chain connection. The exposed data consisted of email addresses and partial phone numbers. No passwords, wallet credentials, or financial data were included. Even so, the exposure posed a serious risk to affected users. Cryptocurrency holders are high-value targets, and the leaked contact details were quickly weaponized in phishing and smishing campaigns. Attackers impersonated Gemini support across email, SMS, WhatsApp, and Telegram to steal login credentials or trick users into transferring funds. The data also raised concerns about SIM-swapping attacks, in which criminals hijack a victim's phone number to bypass account security. Gemini confirmed the breach and notified affected customers. No prominent regulatory action or settlement specific to this incident has been documented. Affected individuals remain at elevated risk of targeted phishing, account takeover, and financial fraud, and should treat any unsolicited outreach claiming to be from Gemini with suspicion.
About Gemini
Gemini is a U.S.-based cryptocurrency exchange and financial platform founded in 2014 by Cameron and Tyler Winklevoss. The platform offers buying, selling, and custody of cryptocurrencies alongside a credit card product and institutional trading services. Gemini is regulated as a New York trust company and has positioned itself as a compliance-focused exchange relative to less regulated competitors.
Why They Hold Your Data
Crypto exchanges and custodians collect highly sensitive identity verification records, contact data, financial information, transaction history, device and login metadata, and custody-related account records.
Recent Developments
Gemini has continued building out its regulated exchange and custody operations. The company navigated the broader crypto market downturn of 2022-2023 and the collapse of several competitor platforms. It launched a credit card product and has maintained its focus on institutional and retail custody. Gemini reached a settlement with the New York Attorney General in 2025 related to allegations that its Earn program had defrauded users.
Data Points Exposed
Canonical Fields
email_address, phone_number, phone_number:partial
Dark Web Verification
- Dataset containing ~5.3M records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: gemini-2022;Gemini Data Breach
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of Gemini
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam