
Key Words
- Binance and Gemini Data Leak Exposes 230K+ User Records
- Data includes names, emails, phone numbers, locations
- Likely caused by phishing, not platform hacks
- Users urged to boost account security urgently
More than 230,000 user records from top crypto exchanges Binance and Gemini have been listed for sale on dark web forums, triggering a wave of concern among investors and cybersecurity experts.
The leaked databases include names, email addresses, phone numbers, and even user location data. But the most alarming part? Experts say the platforms themselves weren’t hacked. Instead, the breach likely stems from phishing campaigns targeting users—a growing issue across the Web3 space.
On March 27, a dark web seller known as AKM69 reportedly posted a Gemini database containing over 100,000 user entries. Most of the users are from the United States, with a few from the UK and Singapore. Just a day before, on March 26, another threat actor kiki88888 listed 132,000 Binance user records, complete with login credentials.
The origin of these leaks remains unclear, but cybersecurity watchdog Dark Web Informer believes users may have unknowingly given away their credentials through deceptive links or fake websites—a classic phishing tactic.
Some of you really need to stop clicking random stuff. Data courtesy of @whiteintel_io pic.twitter.com/MmbqYnFPVy
— Dark Web Informer – Cyber Threat Intelligence (@DarkWebInformer) March 26, 2025
This Binance and Gemini data leak is not just a breach of privacy—it’s a potential gateway to fraud, identity theft, and crypto scams that prey on unsuspecting users.
Phishing Attacks Are the Real Threat to Crypto
While most people worry about platform hacks, phishing remains the #1 cause of crypto theft. It’s low-tech, but it works. And it doesn’t need to breach a platform like Binance or Gemini—it just needs you to click the wrong link.
Scammers now mimic everything from exchange login pages to KYC forms and wallet apps, making it harder than ever to spot fakes. Once a user enters their info, the attackers gain access, and funds can vanish in minutes.
In the past month alone, Coinbase users lost $46 million through social engineering and phishing scams. According to blockchain security firm Scam Sniffer, crypto phishing theft exceeded $15 million in just the first two months of 2025.
The Binance and Gemini data leak underscores a deeper problem: users remain the weakest link in Web3 security.
To stay protected:
-
Always enable two-factor authentication (2FA)
-
Never click on unknown or suspicious links
-
Use hardware wallets for long-term storage
-
Double-check URLs and email senders before responding
Threat Actor Selling Binance Users’ Data. Source: X/Dark Web Informer – Techtoken
Binance users, especially, should remain vigilant. With rising activity around Binance token listings and new launches like KiloEx’s explosive 2300% surge, more users are getting involved—making them targets for attackers.
For those exploring derivatives, the recent BNB perpetual futures launch on Coinbase has also drawn attention. Events like this increase traffic to exchanges, which scammers often exploit with phishing campaigns.
Some of you really need to stop clicking random stuff. Data courtesy of @whiteintel_io pic.twitter.com/MmbqYnFPVy
— Dark Web Informer – Cyber Threat Intelligence (@DarkWebInformer) March 26, 2025
Dark Web Listings and Growing User Risk
The sale of personal data is not a new phenomenon, but the scale of this leak is especially worrying for the crypto world. With over 230,000 records from Binance and Gemini combined, the dark web now holds a goldmine of potential scam targets.
Attackers can use this information for:
-
Spear-phishing campaigns tailored with real user data
-
Social engineering to extract login details or 2FA codes
-
Fake crypto recovery services that trick users into giving wallet access
Given the increasing sophistication of these scams, even experienced users are at risk. And with Binance-related traffic surging—thanks to actions like Binance Wallets’ 24x volume spike—the number of vulnerable users may be higher than ever.
What’s more, scammers are getting bolder. In one case, phishing sites mimicked government campaigns like the Bitcoin-backed moves by Bukele and Trump to add legitimacy. These tactics make it even harder for users to separate real from fake.
Gemini and Binance have not yet issued public statements, but experts warn that silence doesn’t mean safety. Until confirmed otherwise, users should assume that their data may be part of the leak—and take steps to protect their accounts immediately.
With phishing outpacing hacks, education and security tools remain the best defense. Stay alert. Stay skeptical. And think twice before you click.