Gemini is being sued for allegedly providing IRA Financial with a single point of failure onboarding system that allowed the loss of $36 million in IRA customer funds. The exchange has also been accused of failing to freeze accounts quickly enough. IRA Financial Trust (IRA) is Suing Gemini The IRA Financial Trust (IRA) is suing Gemini for the February 2022 hack, which resulted in the theft of $36 million from IRA customers’ accounts at the cryptocurrency exchange. According to a press release, IRA, a U.S. platform for self-directed retirement and pension accounts, claims in the lawsuit that Gemini “did not have proper safeguards in place to protect customer crypto assets” and “failed to freeze accounts within a sufficient [time-frame]” after IRA alerted Gemini to the theft. Gemini is a New York-based cryptocurrency exchange. Tyler and Cameron Winklevoss co-founded it, and it is now one of the most popular stock exchanges in the United States. According to IRA, Gemini insisted on using Gemini’s application programming interface (API) to streamline customer onboarding while failing to disclose to IRA that the API contained a single point of failure, namely a master account controlled by a master-key under which “all of Gemini’s IRA customers were sub-account holders.” Unencrypted Emails between Gemini and IRA According to the lawsuit, the criminals allegedly obtained the master key from unencrypted emails between Gemini and IRA....
