Over 230,000 user records leaked, likely from phishing attacks, not platform breaches
In yet another sign of escalating cybersecurity risks in the crypto space, more than 230,000 user records from Binance and Gemini have reportedly surfaced on the dark web. The data includes sensitive information such as names, emails, phone numbers, and geographic locations, primarily affecting users in the U.S., UK, and Singapore.
According to Dark Web Informer, the breach appears to stem from phishing campaigns rather than direct hacks of the exchanges themselves. Attackers tricked users into sharing login details through fake websites or scam communications—a tactic known as social engineering.
One dark web user known as “AKM69” posted a database allegedly containing 100,000 Gemini records, while another alias, “kiki88888,” is said to have listed 132,000 Binance records.
Rising threat of phishing in the crypto space
Though neither Binance nor Gemini has released an official statement, the leaks raise fresh concerns over user safety in a market where personal data is often the weakest link. Security firm Scam Sniffer estimates that $15 million was lost to phishing scams in the first two months of 2025 alone.
In March, Coinbase users lost over $46 million through similar attacks, underscoring that even well-known platforms are vulnerable to breaches originating from outside their systems.
Experts recommend users adopt two-factor authentication (2FA), avoid clicking on unknown links, and consider hardware wallets for added protection. With phishing and data breaches on the rise, vigilance—not just software—is the best defense in crypto.
