fbpx

Gemini, IRA Financial Data Breach and Stolen Retirement Funds Class Action

This class action brings suit against Gemini Trust Company, LLC and IRA Financial Trust Company, for a data breach that went a little farther than usual. The complaint alleges that some $36 million was stolen from customers’ cryptocurrency individual retirement accounts. The two companies are blaming each other, according to the complaint.

The class for this action is all natural persons living in the US whose private information or money was compromised in the data breach initially found on or around February 8, 2022.

Gemini is a cryptocurrency exchange; IRA Financial offers online retirement account services.

The complaint alleges, “IRA Financial’s investigation is primarily focused on security controls that IRA Financial claims weren’t offered or available from Gemini. For its part, Gemini claims that its investigation found that the transactions it processed appeared to be ‘legitimate, authorized transactions.’”

The complaint quotes IRA Financial’s website as saying, “Whether the investment is made via the IRA custodian or our Checkbook Control IRA LLC, clients who want to invest in non-traditional assets like real estate, precious metals, or cryptocurrencies will find that we offer secure and expert services at a fair price.”

It also quotes IRA Financial as touting its relationship with Gemini: “Clients can now … trust Gemini as the licensed and qualified custodian of their cryptocurrency private key.”

Gemini’s website also claims it has “Industry Leading Security Controls” and says, “Trust is our product, which begins by building and maintaining a secure customer experience.”

However, the complaint alleges that on February 8, 2022, the companies found that “certain IRA Financial customers had unauthorized withdrawals of cryptocurrency from their Gemini cryptocurrency wallets.” An investigation found that “an unauthorized actor” had accessed information for IRA Financial customers, including names, Social Security numbers, and financial account numbers, and that cryptocurrency had been stolen from accounts.

IRA Financial sent out a notice on the data breach that told customers that the bulk of the “affected assets have been identified as likely unrecoverable.”

The complaint alleges, “On information and belief, neither of the [companies] had adequate data security measures in place to prevent the stunning Breach despite their representations and promises to accountholders that security is their top priority.” According to the complaint, the companies “have not compensated the victims of their negligence nor have they offered any identity theft monitoring services or assistance.”

The complaint refers to a Coindesk article that claims IRA Financial knew something was wrong the morning of the hack. The article quotes an IRA Financial memo to customers saying, “We have reason to believe that there are some bad actors posing as IRA Financial employees looking for crypto account-related information…” The article suggests that the hack was accomplished through a phishing scheme.

The complaint alleges, “Simply put, with the increase in cyberattacks in [the companies’] industry, and the attendant red flags, the Data Breach was completely foreseeable to the public and to anyone in [the companies’] industry.”

Article Type: Lawsuit
Topic: Privacy

Most Recent Case Event

Gemini, IRA Financial Data Breach and Stolen Retirement Funds Complaint

March 18, 2022

This class action brings suit against Gemini Trust Company, LLC and IRA Financial Trust Company, for a data breach that went a little farther than usual. The complaint alleges that some $36 million was stolen from customers’ cryptocurrency individual retirement accounts. The two companies are blaming each other, according to the complaint.

Gemini, IRA Financial Data Breach and Stolen Retirement Funds Complaint

Case Event History

Gemini, IRA Financial Data Breach and Stolen Retirement Funds Complaint

March 18, 2022

This class action brings suit against Gemini Trust Company, LLC and IRA Financial Trust Company, for a data breach that went a little farther than usual. The complaint alleges that some $36 million was stolen from customers’ cryptocurrency individual retirement accounts. The two companies are blaming each other, according to the complaint.

Gemini, IRA Financial Data Breach and Stolen Retirement Funds Complaint
Tags: Breach of Implied Contract, Exposing Private Information, Exposure to cyber crime, Negligence, Your Privacy