- Most users targeted are based in the US, UK, and Singapore.
- AI-driven scams are increasing the risk of identity theft.
- Binance adds SMS verification to strengthen phishing defences.
A new wave of crypto data breaches has compromised sensitive user details from major platforms including Ledger, Gemini, and Robinhood.
According to a recent investigation shared by the Dark Web Informer account on X (formerly Twitter), a vendor is actively selling leaked information on the dark web, exposing full names, email addresses, home addresses, phone numbers, and ZIP codes.
This development marks a disturbing escalation in crypto-related cybersecurity threats, with most of the affected individuals located in the United States, alongside a smaller number of users from Singapore and the UK.
No statements issued
On 13 April, Dark Web Informer published screenshots showing the extent of the compromised records. The seller claimed to hold comprehensive data tied to the user bases of some of the largest retail crypto platforms.
Despite the severity of the allegations, no official statements have been released so far by Ledger, Robinhood, or Gemini.
This is not the first time these companies have been linked to data breaches. In 2021, Robinhood confirmed that attackers gained access to over 5 million email addresses and 2 million full names by socially engineering a customer service employee.
The recent leak appears to follow a similar pattern, although no internal system vulnerabilities have been identified.
Phishing likely to blame as AI scams evolve
Cybersecurity experts connected to the Dark Web Informer account suggest that phishing, not internal hacking, is the most probable cause behind the data exposure.
Rather than breaching the platforms themselves, attackers appear to be targeting users directly through fake websites, emails, and text messages that mimic official channels.
These tactics have become increasingly effective, especially with the integration of AI tools that generate convincing messages or deepfakes, allowing fraudsters to impersonate exchanges or executives.
Earlier this month, a separate breach affected over 100,000 crypto users, also involving similar personal data and predominantly impacting individuals based in the US.
This suggests a growing trend in attacks that rely on exploiting human error rather than system vulnerabilities.
AI scams increasing
The rise in phishing activity has not gone unnoticed by users. Many took to X in recent weeks to report scam messages appearing to originate from Binance’s official sender ID.
These messages often impersonate SMS alerts used for account verification and two-factor authentication.
In response, Binance’s Chief Security Officer stated that the exchange has strengthened its anti-phishing code programme.
The update now includes SMS verification measures aimed at reducing the effectiveness of spoofed messages, following a string of user complaints.
However, the increasing volume and sophistication of phishing attacks highlight the broader risks facing crypto users.
With AI-powered scams on the rise and phishing kits being widely distributed, platforms are being forced to improve both user education and real-time threat detection.
Platforms stay silent
While the affected platforms remain silent on the current data leak, the recurrence of such incidents is raising alarm across the crypto community.
Without direct confirmation from Ledger, Gemini, or Robinhood, it remains unclear whether the data breach stems from new vulnerabilities or recycled information from older attacks.
The fact that these leaks continue to resurface underscores the urgent need for better user protection and transparency from service providers. As exchanges expand globally and attract millions of users, the stakes have become significantly higher.
In the absence of clear communication, users are being urged to take extra precautions, including enabling two-factor authentication, verifying official sources, and avoiding links from unknown senders.
