BleepingComputer reports that nearly 15,000 customers of U.S. cryptocurrency exchange Gemini had their information compromised following the breach of its third-party service provider Automated Clearing House in early June.
Infiltration of the third-party provider's systems between June 3 and 7 allowed threat actors to exfiltrate the customers' certain banking details, including full names, bank account numbers, and routing numbers leveraged for ACH fund transfers, said Gemini in a breach notification letter sent to the Office of the California Attorney General, which did not specify the third party. Other client information was not impacted by the incident, which has already been contained, noted Gemini. While no evidence of customer impact was identified, impacted individuals have also been urged by Gemini to activate multi-factor authentication and be vigilant of suspicious bank account activity. Such a disclosure from Gemini comes almost two years after it had contact details and other information from 5.7 million of its users exposed due to another third-party breach.
