Massive Breach in Popular Crypto Exchange Drains Retirement Accounts. Who's to Blame? Cameron and Tyler Winklevoss' Gemini crypto exchange is in hot water after tens of millions of dollars worth of Bitcoin and Ether were stolen.
It's no secret that the cryptocurrency market has taken a serious hit over the past several months. But Gemini, a crypto exchange and custodian founded by Cameron and Tyler Winklevoss, faced an additional setback in February in the form of a $36 million breach — and now the company is being sued over its alleged failure to protect its customers.
The stolen crypto assets belonged to customers of IRA Financial Trust, a platform for self-directed retirement and pension accounts. Now, as stated in its complaint, IRA Financial Trust claims that Gemini didn't have enough safety measures in place to protect customers' crypto assets and that its failure to freeze accounts immediately after the incident led to more losses.
"Gemini boasts of supposedly industry leading security protections, such as two-factor authentication, 'whitelisting' withdrawal addresses, and fraud detection algorithms," the lawsuit states. "Gemini says that these protections, among others, 'eliminate single points of failure.'"
But according to IRA Financial Trust, Gemini made IRA the "master account," adding all IRA customer accounts as sub-account holders under the IRA account, and gave IRA a "master key" that made it possible to bypass any existing security protections. Per the complaint, the key was exchanged in numerous unsecured, unencrypted emails — ultimately allowing hackers to gain access and transfer tens of millions of dollars worth of Bitcoin and Ether into a single retirement account.
In a statement to Engadget, Gemini rejected the allegations, saying that the attackers targeted IRA rather than exchange, that no Gemini systems were compromised, and that it "acted quickly" when it became aware of the situation.
But this isn't Gemini's only recent lawsuit. Just last week, Commodity Futures Trading Commission sued the exchange for misleading customers in sections of its exchange and futures contract.
Gemini also recently laid off 10% of its staff in response to the tumbling cryptocurrency market.
Bitcoin was down nearly 40% in a six-month period as of this morning.