YEREVAN (CoinChapter.com) — Over 230,000 user records from Binance and Gemini are now for sale on dark web markets. The data includes emails, names, phone numbers, and location details. The incidents were reported by Dark Web Informer, a platform that tracks online cybercrime activity.

Both exchanges have not released official statements. The source of the leaked crypto exchange records remains unclear.

Gemini User Data Listed by Seller AKM69

On March 27, a dark web actor using the name AKM69 posted a dataset linked to Gemini user data. The listing reportedly contains over 100,000 entries. Most affected users are based in the United States, with some from the United Kingdom and Singapore.

Dark Web Seller AKM69 Offers 100K Gemini Crypto User Records With Full Details. Source: Dark Web Informer

The seller claims the Gemini user data can be used for marketing, fraud, or crypto scams. Each record allegedly includes full name, email, phone number, and location.

Dark Web Informer did not confirm a direct breach of Gemini’s systems. Instead, the report suggested the data likely came from phishing crypto attacks or stolen user credentials.

Binance User Data Offered on Dark Web by Second Actor

On March 26, another seller named kiki88888 offered over 132,000 Binance user data entries. This separate listing includes login credentials and other personal data. The data was also shared on dark web leak platforms, according to Dark Web Informer.

Dark Web Informer Reveals 132,744 Binance User Records Leaked With Login Details. Source: Dark Web Informer

The report attributes the leak to phishing crypto attacks, not a direct breach of Binance’s infrastructure. A post from the Informer noted,

“Some of you really need to stop clicking random stuff.”

There is still no public comment from Binance.

Phishing Map and Top URLs Reveal Massive Crypto Credential Harvesting Linked to Binance. Source: Dark Web Informer Phishing Crypto Attacks Behind Most Leaks

Security researchers point to phishing as a key tool behind the growing number of leaked crypto exchange records. Attackers impersonate trusted sources and trick users into revealing sensitive data. They often use fake websites, emails, or ads to gain access.

In March, Coinbase users reportedly lost over $46 million in social engineering scams. Also, Scam Sniffer reported that phishing crypto attacks led to over $15 million in losses in January and February 2025.

ScamSniffer Reports $5.32M in February Phishing Losses With 7,442 Victims Across Crypto Platforms. Source: ScamSniffer

This trend shows how phishing remains one of the most common methods used to steal crypto exchange user data.