Gemini

High

In late 2022, Twilio's Authy service was breached through social engineering, impacting Gemini users.

Records exposed
5,274,214 records
Breach date
Breach Dec 13, 2022
Last update
Updated Aug 13, 2025

What data was exposed?

Fields reported as compromised in this breach record.

  • Email addresses
  • Partial phone numbers

Why does this breach matter?

In-depth analysis of the breach and its implications.

In December 2022, a dataset purporting to originate from Gemini, a cryptocurrency exchange, emerged on a public hacking forum. However, investigations revealed that the data originated from a breach at a third-party provider, Twilio, which Gemini used for two-factor authentication through its Authy service. The breach was traced back to a sophisticated social engineering scheme targeting Twilio's employees.

Impact Analysis

Understanding the scope and consequences of this breach.

User Impact
Exposed email addresses and partial phone numbers increase phishing and targeted scam risks.
Business Impact
The vendor appeared accountable, and operational trust needs to be restored through transparency.
Affected Sectors
  • Cryptocurrency
Geographic Impact
  • Global

What You Should Do

Recommended actions to take in response to this breach.

If You Were Affected

  • Verify that no unauthorized access has occurred on accounts associated with Gemini.
  • Be vigilant for phishing emails referencing this breach.

Preventive Measures

  • Activate account-level monitoring and alerts for suspicious activities.
  • Advocate for services implementing strong third-party oversight.

Frequently Asked Questions

Common questions about this breach and what it means for you.

Enable multi-factor authentication that is provided independently of the compromised platforms.

Attribution

Additional attribution provided with the breach record.

ZAN @ BF