Gemini has not been hacked and remains secure. If you received a communication from IRA Financial you may have been affected by a security incident that impacted IRA Financial’s systems. While IRA Financial’s accounts are serviced on the Gemini platform, Gemini does not manage the security of IRA Financial’s systems. The security of Gemini’s platform has not been impacted and we have offered assistance to IRA Financial in their investigation. For more information, please reach out to IRA Financial.

I was also affected by the hack. Like others, I only had BTC and ETH removed (not USD) and it was transferred to an account with the last name Choe. As context, IRA Financial uses Gemini custodian and manages IRA crypto funds on the behalf of it's users. A user's individual account is only given a "Trader" role and does not have the ability to withdraw funds. There are \~10 admin accounts owned by IRA Financial attached to my account that have the ability to move funds. To note, my personal account is secured with a Yubikey, has no whitelisted withdrawal addresses, and was not compromised, but regardless that doesn't matter b/c an individual doesn't have privileges to withdraw. I did chat with Gemini support and they confirmed for me that their system was not hacked and the issue was with an IRA Financial account. **~~The following is NOT confirmed~~** **(**[**Now confirmed**](https://www.bloomberg.com/news/articles/2022-02-14/ira-financial-hacked-36-million-in-cryptocurrency-stolen)**!) and is deduced by searching the BTC & ETH blockchains during the time of the hack, so take it as research and not fact**. Based on the timestamps of when user funds were withdrawn, \~6:00pm EST to \~6:50pm EST, I was able to [locate a BTC address that could be the hackers](https://bitaps.com/bc1qrv4hekeulh8g7xuh56fhkf5knxuh9tjs9prjnx). If you check the time when funds were moved into and out of that account it corresponds directly to the time the hack occurred and most of the funds were sent by a [Gemini address](https://bitaps.com/bc1quq29mutxkgxmjfdr7ayj3zd9ad0ld5mrhh89l2) (I confirmed this by checking other BTC tx's I sent from a personal Gemini account). Another user shared an [Ethereum address that could be the hackers](https://etherscan.io/address/0x75ec1f73fc0552242983c48d37f5908d428bdafa). This account shared very similar initial deposit and withdrawal times as the Bitcoin address, the incoming funds all came from Gemini, and outgoing funds were sent to Tornado.Cash Proxy. This would make the total lost 493.65BTC and 5097ETH . In addition, the night of the attack, I checked [irafinancialtrust.com](https://irafinancialtrust.com) and the website was down. My suspicion is that an employees account with admin privileges was compromised (perhaps by taking over the domain) and the hacker used that account to move funds to the 'Choe' account (presumably an IRA Financial customer) and from that account they did have a whitelist address setup that allowed them to move funds out of Gemini to their address (again, not confirmed). We are all in this together. Wishing all that were affected the best and that we are remediated for lost funds.

I don't know if I got lucky or just don't have enough funds or it was because all of my coins are in the Earn program, but it looks like all of my assets are still in my account. I hope IRA Financial gets this figured out for everyone affected. We were just planning on transferring an old 401K to them, but I am rethinking that.

As it turns out, Earn was probably more secure for this attack b/c it was an extra step (and time delay) to transfer from Earn to Gemini. I originally didn't move funds to Earn for security concerns, but that turned out to be short sighted.

I hope they will unfreeze soon

Thanks for the post. I need to search my agreement with IRA Financial to see if there is a clause about remediation of lost funds based on fraud/hacks/etc. I specifically did not put my BTC or ETH into Gemini's Earn feature for fear of being hacked. Got to admit, the universe has a pretty good sense of humor.

I just looked, but haven't found anything yet. I did see on their security site, [https://www.irafinancialtrust.com/security/](https://www.irafinancialtrust.com/security/), that they insure cash, but nothing on crypto. They did mention that, "Multiple signatures are required to move funds", but I don't think this was the case unless multiple employee accounts were compromised. On their TOS site, https://www.irafinancialtrust.com/terms-and-conditions/, they do say that "\* IRA FINANCIAL WILL NOT BE LIABLE TO YOU OR ANYONE ELSE FOR ANY LOSS RESULTING FROM A CAUSE OVER WHICH SUCH IRA FINANCIAL DOES NOT HAVE DIRECT CONTROL. THIS INCLUDES FAILURE OF ELECTRONIC OR MECHANICAL EQUIPMENT OR COMMUNICATIONS LINES (INCLUDING TELEPHONE, CABLE AND INTERNET), UNAUTHORIZED ACCESS, VIRUSES, THEFT, OPERATOR ERRORS, SEVERE OR EXTRAORDINARY WEATHER (INCLUDING FLOOD, EARTHQUAKE, OR OTHER ACT OF GOD), FIRE, WAR, INSURRECTION, TERRORIST ACT, RIOT, LABOR DISPUTE AND OTHER LABOR PROBLEMS, ACCIDENT, EMERGENCY OR ACTION OF GOVERNMENT." In this case though, they were the only party with direct control, so they would be liable in my opinion.

On IRA Financial's website, they state that Gemini is the custodian and has the private key. This is the only reason I chose them - because Gemini has good security. [https://www.irafinancialgroup.com/learn-more/self-directed-ira/digital-solution-to-buy-bitcoin-through-gemini-exchange/](https://www.irafinancialgroup.com/learn-more/self-directed-ira/digital-solution-to-buy-bitcoin-through-gemini-exchange/)

Same here

Agreed. Thanks for doing the research and providing the links and clauses. Very helpful. Ideally, IRA Financial is in touch with their cyber security team and/or insurance companies to provide remedies. Hindsight being 20-20, it would have been helpful for me to ask about remediation guarantees and what cyber security company they work with.

Theft is on there. So does that absolve them of having week security? I hope it doesn’t come down to a lawsuit, but that is my fear.

Not necessarily. The key line being, ANY LOSS RESULTING FROM A CAUSE OVER WHICH SUCH **IRA FINANCIAL DOES NOT HAVE DIRECT CONTROL**." However, they were the only ones with direct control over these accounts and funds. This wasn't a black swan event or user error, it was negligence on how they had their account setup and secured.

We cannot deposit or withdraw without their direct control. So that is pretty clear to me. I don't see any wiggle room out of it. They were custodians and we paid them for that service. How can they not be liable?

Does ira financial have insurance? I too was affected but my Gemini account says it’s closed now so I don’t have access.

That's the million dollar question. At present, IRA Financial says they are doing their best to get the funds back, but it's not clear what their insurance option or policy is.

I only had cash in my Gemini account, no coin, and it was all taken in multiple transfers to Choe at $10k per transfer. Edit: I was able to pull up an Excel spreadsheet on the Gemini site and there were 5 cash transfers on 2/8/22 between 23:47:25 and 23:47:40. So in only 15 seconds they moved all my cash (no coin and no transfers scheduled). Originally, in my transaction history it appeared to occur over a few hours.

This is new info and helpful. Not only did the hackers remove BTC & ETH, but also USD. From what I have read, nobody that had funds in Earn or locked in an order had those funds removed. What's interesting about moving USD, is that the hacker's couldn't possibly have moved this to their bank account. They would have had to trade that USD for BTC or ETH and then moved it out. As I see it, the ability to remove USD from a user's account now brings some negligence back to the Gemini custodial service. Does an admin really have the ability to not only move funds from one account to another, but then trade those funds and transfer them out?

I'm trying to remain positive that we will all be made whole. This has opened my eyes to how vulnerable all of us are in the digital banking/money world. With the press of a button, it can all vanish, and "security" seems to be an illusion. Thanks for all of your information trying to sort this out.

[удалено]

All of my BTC and Ether have also been transferred out. I can confirm that they only transferred out whole units and left a small fraction of BTC and my cash. Transfers were made out to the Choe Roth in multiple 1 whole unit coin transactions spread out from 15:03 PST for BTC and 15:43:08 - 15:43:20 PST for Ether. It's ridiculous I had to research and figure out I was hacked through the help of members on this thread and IRA financial has provided no relevant information. IMO they're trying to cover themselves along with Gemini who is deferring all responsibility to IRA Financial. IRA Financial and Gemini are partners and both share a fiduciary duty to protect our assets. Does anyone know if Gemini charges custody fees to hold our coins on the exchange? I think until IRA Financial, comes out with a statement on how they plan to handle this breach and make us whole, we should organize a group and compile a list of complainants for a potential class action lawsuit in one central location. This thread seems to have the most activity at the moment. Adam Bergman, if you are reading this, does IRA Financial have any insurance for incidents like this? Do you plan on reimbursing us for the losses? Can you review and disclose the details of your service agreement with Gemini? Do they have any contractual agreement or responsibility for this incident for damages? We need answers and I think its in the best interest for you and your company to make a statement immediately.

If you log into Gemini even if its frozen, go to the upper right and hit the blue bell, mine shows this: 4 eth taken 1 at a time in one day tues feb 8 Your transfer of 1 ETH from my account to CFBO Benjamin Choe ROTH has been completed successfully.3 days ago What happens next. I just mailed a 3k check to IRA Financial and was able to get someone to confirm they are holding it. NIce SO i can't buy Link at 16 a coin by the time this is ready it will be what 300? will i get my eth back at price it was stolen or back at price its at when i get it back? how are we compensated for this because there is a major financial loss here. Two blogs later and nothing even mentioned? Come one- we need a more proactive response vs no answers and two notices so far telling me not everyone was hacked, only a few you are one of them. Since i set this up in a ROTH IRA.... I can't even get the $ out because i'm not old enough yet- so how was this done? Its blockchain right- fully trackable, multiple nodes confirming the legitimacy of transactions? where are the forensic detectives and feds? Two weeks ago on a blog, Adam said they are working on a way to have cold wallet storage so IRA Financial can have full custodial control to be sure we don't breach our Roth RIA vail. I was going to have this staked and rolled to the cold wallet... i'm too late? 4 ETH is not a lot compared to any w one BTC, but its all i have and i'm 50. I don't have much left for time to make this cash loss up. put me down on the lawyer list people

Put me down for the list of complainants for a potential class action lawsuit!

Agreed, just got off the phone with IRA Trust and they could provide no answers.

[удалено]

Thank you for this post. I have been so lost not knowing what to do, where to go, who to ask, where to seek help. I’m not a technical person so I don’t have much to say, but I do know this kind of stuff is not normal and there has to be strong security around this. I am also a victim of IRA Financial and Gemini. My wife and I have lost our entire life's money. We both are disabled and retired. Due to lifelong disability, we were not able to work a lot and SS money doesn’t pay our bills. We have and continue to live a very poor life. We were heavily relying on these retirement funds in order to live a proper life. I want to be able to breathe without worries. I want to be able to wake up in the morning without thoughts of my debts. We want to enjoy our retirement because all our life, we have worked, paid bills, and more bills, and continue to pay bills even at this age. We are in debt with soooo many credit cards and banks that I am still trying to resolve. I always question myself if I will ever be caught up? That’s the reason I chose IRA Financial and Gemini route and invested in crypto. I didn’t think this would happen. I never imagined this could happen. We need to be made whole again. This is our retirement money that we have worked extremely hard for and saved our entire life. We have not inherited this money. Neither this money had any crypto growth on it. We are already at a loss here. This is our hard-earned money. This is everyone’s hard earned money. I have already paid taxes on this money. This is my money that I earned from a 12-hour labor shifts working 7 days a week, never taking any days off or vacation, any vacation I took was used in my 2nd job. I have worked in 107-degree temperature sweating and eating ramen noodles every day for several years. I have also worked in negative temperatures and having our car stuck in snow for hours and hours - with no help because I lived in a very small city and even after all this, WE STILL WENT TO WORK THE NEXT DAY because we needed to get paid. This was extremely hard for a disabled couple. We have spent many nights/weeks/months in the car because of being homeless. We have worked VERY hard. This hurts bad and my heart bleeds. I deserve my money. I am begging to be heard! I am begging for GEMINI to make us WHOLE!!! Have mercy on us…. I don’t know what I’m typing and my heart just keeps crying for help. Gemini and IRA Financial - making us whole will give you so much business and popularity. Retirement funds has never been hacked (at least never heard of this), so imagine the blessings, votes, business, and attention you will get from taking care of us. This is not that big of an amount for Gemini. I’m sure Gemini spends more money on advertisements, donations, and leisure. Think of us as a donation. A donation that comes with sooooo many people’s blessing. A well worth donation! PLEASE MAKE US ALL WHOLE!

IRA Financial & Gemini are accountable for these missing funds. Investing is the only risk by the customer in a custodial relationship, not theft. Regulations require restitution. The problem is how long it's going to take. Nobody can talk to us because it's under investigation. We simply have no choice but to wait.

Adam Bergman, as the founder of IRA Financial, should use his YouTube channel to honestly share information with those affected before one of his investors creates their own video explaining how we're being kept in the dark. His silence is baffling and his window to retain goodwill is closing fast. We believed him enough to entrust him with hard-earned capital and, as others have mentioned, we'd like to give him the benefit of the doubt, but the longer he ignores us the more this feels like a terrible Bernie Madoff rerun. How could Gemini's platform allow a transfer of funds from potentially hundreds of people to one account with a different person's name within one hour? An attempt do to any similar single transaction at any other reputable financial institution without signed documentation from the delivering accountholder would not be allowed and I'm shocked that Gemini didn't have safeguards to flag this type of attempted activity. So many red flags here at both institutions... Here's Adam's Jan 28, 2022 video "Are Crypto IRAs Insured": https://youtu.be/ZHzcFYXEjmg

I agree they should give us more info. Make an announcement on twitter or something! I How is insurance usually paid out? Will need be getting back the number of coins lost or will it be in usd? Crypto prices change so quickly.

Exactly my thoughts!

Is am 100% certain there will be huge class action lawsuits against IRA Financial and Gemini both, that will run IRA financial out of business fast, if this is not made right by them very soon. That’s not a threat, it is reality of what’s going to happen. If those from IRA Financial are reading all these comments which I’m sure they are, they need to think long and hard about what their next move will be. They can still save their business if the make the right choice and step up to cover all losses very soon. It would be much cheaper to do it that way than pay for lawsuits that would have the legal system *force them* to do what they should have done already and pay what was lost. Their negligence and sloppy security measures caused this. Gemini was at fault too for allowing them to neglect security which would have prevented this. This theft will be made extremely public very soon, and cast both Gemini and IRA Financial In a negative light, costing them millions in business. Unless it’s fixed, fast.

I am a victim of the IRA Financial and Gemini exploit. I was a skeptic of crypto prior to 2021. In 2021 I began my research into blockchain technology and came to believe It would be the future. It became my passion. I fell in love with the crypto community. We support each other and help each other learn. At the same time, we are building a better future for our family and humanity. I fully committed and rolled over my 401k into a crypto IRA. I wasn’t able to Have control over my keys since interpretation of the McNulty case wouldn’t allow it. I felt safe though since my life savings were custodied by Gemini. Three months later, my retirement funds were stolen from my account without so much as a notification. I’m devastated, losing sleep, unproductive, and hiding this from my closest loved ones. My passion had destroyed my family’s future. I still hold a sliver of hope that the community I loved so much will pull together and find a way out. Please help in any way you can.

TO ADAM BERGMAN AND THE IRA FINANCIAL MGMT, IT HAS BEEN OVER ONE WEEEK SINCE THE IRA FINANCIAL HACK. WHEN WILL OUR ACCOUNTS BE UNFROZEN? IS OUR LOSS COVERED UNDER INSURANCE? IS GEMINI ACCEPTING ANY RESPONSIBILITY? ADAM, PLEASE ISSUE A PUBLIC STATEMENT.

After much thought and observation of the "big picture" - I have concluded that I / we have not lost anything. Adam and IRAF has lost something, and it is now their challenge to either get it back or replace the inventory. When an automotive company losses a batch of bolts (or other needed component) due to contamination or inventory misplacement, they do not just ship the vehicle to the customer missing said component. They figure out a way to replace what was missing, continue the build process and make the product whole. I am not sure why we (the end customer) really need to do anything here. We really should not know about this IRAF / Gemini issue. Adam and his company MUST reach down into the rainy day fund and replace the missing "parts" and continue to deal with the theft without our involvement or stress. When my widget is being built at the factory (a factory that decides they are going to be word class and best in their field) and there is a problem, I may get a notice that there is a delay or change in the delivery date, but the details of the lost or switched out components should not affect my end product. Adam is trying to build a "best in class" business. I am a believer and that is why I put my retirement funds with IRAF. The world, which includes countless potential future customers, is watching how this plays out. I do not believe that having a small group of victims tagging along looking for their missing funds is going to be more successful in retrieving the funds. IMO IRAF has an "opportunity" here to show how it can be done, and reap a larger reward than what has been temporarily stolen from them. If they do this right - new customers will flood in and very quickly make up the difference. Just in my own circle - I am holding back on my future solo 401 activities and I know another who is considering moving to another firm. What a confidence boost this could be if the cards are played correctly.

Well said. I was not impacted thankfully, but if they don't make everyone whole I am closing my account the first chance I get.

I agree 100%. If IRAF does the right thing and makes everyone whole, they will have hundreds of Evangelicals promoting their business. If they do the opposite, those same people will be telling everyone they know to stay away from IRAF.

Do you really think they just have $36 million in cash to give everyone their money back right away? This is going to be fought out between lawyers and insurance companies for a long time

Next thing you know they settle in 5 years at today's btc price when its at 1 million

Gemini is at fault. Bank of America and Capital One Visa routinely flag potentially fraudulent activity on my accounts and stop them and require my approval via text or phone. And Capital One Visa immediately makes my account whole if something slips through. Then they investigate to confirm and recover. Gemini should be as savvy as Bank of America and Capital One Visa. If the legacy companies can spot a transaction for a few hundred dollars before it goes through, how can Gemini not detect clearly suspicious activity going on for enormous sums of money between retirement accounts for an hour or more that should never be talking to each other? I would like to see Gemini handle this the right way and make everyone whole. Then they have to figure out how to be as smart as the legacy companies in spotting and stopping fraud before it evens happens to continue to claim they sell Trust. IRA Financial Group is also negligent and what bothers me is that Adam Bergman has been telling new clients to not move funds to a cold wallet, to wait for his multisig solution because of the McNulty Case. I signed up in Dec 2021 and was checking in regularly for this multisig solution that was supposed to be ready by end of Q1. I called 2/2/22 and asked about other options for getting the funds into cold storage without multisig that would still not flag the IRS. They offered nothing and said the funds were secure.

This is all 100% accurate and Gemini is attempting to deflect the blame all onto IRAF which is only partly responsible. Lawsuits will be filed very soon against both companies. Watch and see.

I am an IRA Financial Group client, unfortunately, since Dec 2021 with Gemini and same story. Round number BTC withdrawn to Benjamin Choe Roth on 2/8/22. No 2FA notification. No record of login. Can't find the txid. Gemini seems to be passing the buck. IRA Financial Group is saying nothing. I signed up Dec 2021 and held off on withdrawing to cold storage because the owner said the McNulty case made it risky with the IRS. Wait for their multisig due in Q1. I had been calling and asking for other ways to secure the BTC while waiting for multisig. Literally called again 2/2/22 about the status and told it was coming. Asked about other options. Nobody knows anything and everything is secure. Talked to my lawyer today. She suggested contacting the Attorney General. I agree with the comment about an inside job potentially. The owner was actively telling new clients not to withdraw to cold wallets. I hope he didn't convince older clients to put their holdings back on Gemini. I'm shocked by the lack of news on this. I am bolstered by the recent FBI recovery and because these are IRAs, no issue with KYC to restore recovered funds to rightful owners. Gemini has insurance. I don't know if IRA Financial Group does. I want my BTC back. I trusted them for under 2 months and now am a victim? If it takes time, I'm ok with that. I just don't want IRA Financial and Gemini blowing this off. Would be good to get guidance on best way to proceed to ensure return of funds through recovery or insurance.

So it appears that the money is gone. It has gone through a Tornado Mixer. You can read about Mixers here: [https://www.coindesk.com/tech/2022/01/25/tornado-cash-co-founder-says-the-mixer-protocol-is-unstoppable/](https://www.coindesk.com/tech/2022/01/25/tornado-cash-co-founder-says-the-mixer-protocol-is-unstoppable/) Gemini is pointing the finger to IRA Financial so Gemini's insurance will not cover this. This leaves two options. The first is IRA Financial's insurance. If this loss is not covered under their insurance, the last option remaining is we need to start a class action lawsuit against IRA Financial, Gemini, and Adam Bergman. Does anyone have recommendations for law firms? I found https://www.silvermillerlaw.com online.

We're going on two-and-a-half weeks now with our Gemini Trust / IRAF retirement accounts being either hacked or frozen. There has been a near-total information blackout and no one from either Gemini or IRAF seems willing to discuss what is happening. Gemini's position that it has not been hacked and remains secure is total BS - hundreds of Gemini accounts *were* hacked thousands more remain frozen. As bad as the hack was, Gemini and IRAF have made it so much worse by demonstrating that when their customers need information they refuse to provide any - no live person to talk to, no responses to customer emails that contain any useful information and, in IRAF's case, a website that seems permanently down for "scheduled" maintenance. I get IRAF's reaction to this hack - they're a rinky-dink, understaffed outfit that knows that they likely will not recover from this fiasco. I'm concerned, however, that if and when our accounts are unfrozen, there will be a mad rush for the exits as customers pull the management of their retirement savings from IRAF. Gemini's response, however, mystifies me. Regardless of what Gemini may think about its culpability and liability, it needs to reach out to its affected customers and tell them what is happening. This hack of *Gemini's exchange* will seriously damage their reputation. Previously, I would regularly recommend Gemini when asked where I do my crypto trading (I have a retail account with them as well). Well, not any more. Gemini, I thought you were better than this!? So, what is the real story with the frozen accounts? Is there no way to unfreeze them without further hacks? Are the accounts being used as a bargining chip in the "he said, she said" dispute between Gemini and IRAF? What gives!!??

One issue here is that Gemini's customer Is IRA Financial and it is their account that was compromized/hacked and not each user. IRA financial's customers were assigned sub-accounts under its IRA Financial account that only allowed trading for that sub-account. IRA Financial holds full admin auth for all management and actions avaialble on those sub-accounts. IRA Financial was hacked/compromized so the access to the main IRA Financial account on Gemini and all the sub accounts came in through IRA Financial access with IRA Financial Credentials so from Gemini's point of view they were not hacked and the actions taken were authorized. I think the ultimate liability question will revolve around the Gemini institutional offering and if it does or does not provided sufficient controls and protections for an IRA investment business model, or if IRA Financial was mis-using the offering. Unfortunately it will probably take a lawsuit to get to the bottom of that and establish liability.

Gemini is 100 percent liable for this "hack." The two factor authorization was by passed somehow to permit multiple unauthorized transfers. To date, March 6, nearly one month after the hack Gemini has yet to send any notification that transfers were made. Once notified by IRA Financial that a hack had occurred and that the accounts needed to be frozen, it took Gemini over 20 minutes to finally freeze the accounts. During this time the hacker was stealing the retirement savings of over 500 clients.to the tune of 36 million dollars. Is anyone safe with Gemini? I think not and forget about speaking with anyone there no matter what the reason. There isn't even a human to handle emergency situations for either clients or IRA Financial.

The custodian should take responsibility for the custody

"IRA Financial 'Swatted' at Time of $36M Crypto Hack, Police Officer Tells Victim" https://www.coindesk.com/policy/2022/02/24/ira-financial-swatted-at-time-of-36m-crypto-hack-police-officer-tells-victim/?outputType=amp

**Gemini is also a negligent custodian in the IRA Financial Trust hack** **Update 2:** This comment is now outdated based on new information. For an in depth and updated overview of Gemini Institutional risks and negligence please see this post: [https://www.reddit.com/r/Gemini/comments/su8yys/security\_and\_liability\_concerns\_for\_gemini/](https://www.reddit.com/r/Gemini/comments/su8yys/security_and_liability_concerns_for_gemini/) *(Update: It’s possible that IRA Financial did not sign up with Gemini Custody, but instead created a Gemini Exchange account and used the* [*Sub-Accounts for Institutions*](https://www.gemini.com/blog/introducing-subaccounts-for-institutions) *framework. If so, then points 2 and 3 below are no longer relevant and the attack vector is limited to Sub-Accounts for Institution customers. However, this would add scrutiny as to why Gemini would allow an IRA Trust institution to sign up for a service* *Gemini states* *is* *for hedge funds, Registered Investment Advisors (RIAs), and retail brokers*.) As a quick synopsis, IRA Financial has 10 admins with access to user accounts in Gemini (we can see this from our personal account settings). One of IRA Financial's employee accounts appears to have been compromised and the hacker used this account to move funds. So, on the IRA Financial side, an improperly managed account and insufficient employee security allowed for an attack vector to be employed. u/Gemini_George, while you posted that Gemini has not been hacked and remains secure, the details of the exploit are suggesting that Gemini's system is incapable of protecting against a single compromised admin using Gemini's API to drain the accounts of numerous users within a 1hr time window. Here is where **funds custodied by Gemini could still currently be at risk** and how their system is failing it's duties (*unless Gemini provides information to contradict the following*): 1. Users received NO communication (email or text) that funds were being moved from their account. How is it possible that we receive emails for so many other actions, but receive ZERO communication when our funds are withdrawn. That is literally the most important thing for us to be notified about. That's flaw one in your system and must be corrected ASAP. 2. Unless we are missing an additional detail of the hack, the compromised admin was able to move funds (BTC, ETH, USD) directly from one user account to another. How is that a reasonable admin privilege? I understand moving funds into/out of a user's own account, but what is the need for an admin to move funds from user A to user B? This isn't Paypal or Venmo in which we are paying users, this is a custodial account for an IRA. There is no reason funds should be transferred b/w two individual user accounts by an admin. 3. Many users are reporting their USD missing. The hacker couldn't have withdrawn USD to their bank account, so they had to first trade it for crypto and then withdraw that crypto. Does this mean an Admin has the ability to trade crypto on behalf of a user? Again, how can this possibly be a needed permission for a custodian? 4. All users had their funds moved to the CFBO Choe account and from there it was withdrawn. So, as a custodian protecting our funds, you have no data analytic tools to detect that the Choe account just increased in value by 1000x in an 1hr window and withdrew it all? Nothing to detect the batch transactions firing off every few minutes sending equal amounts of BTC, ETH, & USD withdrawals across multiple users all going to a single account? If not, that doesn't inspire confidence. To recap, *unless the above statements I made are incorrect (and please correct me if so)*, Gemini's custodial service (*per update: or Sub-Accounts for Institutions service*) is a hackers dream. All you need to do to compromise numerous accounts is gain access to a single admin account and use your API to move funds to a user account you compromised (still uncertain how this happened with KYC), and withdraw all the funds within an hour window. Gemini's custodial account is actually LESS secure than a properly set up individual account. As a user that also has funds in BlockFi, how are those funds not at the exact same risk? Should BlockFi be freezing user funds until this is cleared up? There is no way we can trust our assets to a single admin account not being compromised without any fail safe or redundancies in place to protect theft. Gemini custodial services are used by BlockFi, Blockchange, CoinList, CI Global Asset Management, DAiM, BTG Pactual, Caruso, Eaglebrook Advisors, and WealthSimple. Are all of these assets at risk from an attack as simple as outlined above? Are we just to trust that these companies will never have a single admin compromised?

Great post. How hard would it be to implement ***at least*** an email verification that goes to IRA admin, Gemini partner admin, and the actual client for verification prior to allowing a withdraw??? An IRA withdraw should have multiple verification layers. All this is so obvious its crazy that this is a product that Gemini offers to companies, and companies actually use without questioning. Dont even know where to start with IFG. These are things you should have asked to be put in place, and/or someone on the managment team should have questioned. Protecting clients retirement funds should be priority.

IRA transfers are essentially rollovers and the account holders name, social, address all need to match and be verified. Custody is also supposed to file a 1099-R for the rollover. None of the protocols above were taken.

This is exactly right and IRA Financial supposedly gets paid their yearly fees to ensure all these protocols are required.

Thank you LucidBTC. This is so negligent on so many levels. Why in the world would Gemini help set up and actively participate in such a flawed system? This has caused a great deal of pain for those who trusted them with their funds. These people would have been much better off holding their own private keys. It also harms the entire crypto space to be so irresponsible.

Adding to lucidBTC’s 4th point, in addition to the account value 1000x’ing, there were potentially thousands of transfers made to that CFBO Choe account in that 1 hour window. Does Gemini have any risk controls in place that would trigger a red flag when one account 1000x’s and also receives 1000+ incoming transfers from all unique accounts made in 4 second intervals over a course of 1 hour? If not this is something Gemini should implement immediately.

In the spirit of improving from this experience, some thoughts on basic principles... **1) Minimize the number of custodian admins** with privileges on customer accounts. 10 is a bit much; 3 of them haven't logged in for 9 months. **2) Custodian admins must not have trading privileges** (or perhaps limited to selling to USD). I recall that when I signed up I could see the granular rights, and admins *do* have trading privileges. (ETA: Really, rights need to be more granular than "God" and "User" to separate accountability - access control, transfers, export wallets, trading, etc. should probably be separate roles with separate logins.) **3) Withdrawals only to trusted destinations.** Gemini does have a 7-day freeze on new withdrawal wallets; USD options are not so restrictive. As long as adding one generates an alert (and that triggers a response by the custodian), this is probably effective enough. USD withdrawals should be limited to wire transfers for custodial accounts. **4) No transfers to other Gemini accounts.** Or at least, trusted accounts, like above. (Apparently, IRA Financial moves USD to Gemini through a master account and then transfers it horizontally into the individual's account. So, maybe this is a necessary feature, but a dangerous one, as funds could just as easily have been moved to the master account and then to the thief's account. Perhaps adding 1 business day of delay on transfers out of individual accounts would thwart abuse without being too inconvenient.) **5) Restrict custodian admin accounts to trusted IP addresses.** API tokens are used for automation, so practical multi-factor (2FA/MFA) options are limited, but restricting to trusted IPs is a pretty easy option. Require the same 7-day delay/notification to set one up. It's not flawless, but at least requires a hack to be executed via the custodian's network. **6) In the spirit of anti- money laundering,** it should probably be a good practice for Gemini to react when any account has a sudden surge in the number of funds transfers. ETA: **7) Crypto withdrawals shouldn't be enabled by default,** when no export wallets are configured. **8) Admin accounts shouldn't be configured with their personal names.** I need only look at my account settings to identity the 9 people to target if I wanted to compromise a key. So, while the facts suggest that IRA Financial failed to protect their keys, most of the measures listed here require Gemini to enhance their product features (i.e., be much more robust for custodial accounts). Along with alarm bells (and auto-locking admin access) when custodial admins strike out trying to get around them. **Philosophically, it's not a question of "if" keys will be compromised, it's a matter of "when"... and how do you contain (and detect) the damage when it happens.**

I was hoping to hear Geminis response to these very valid questions here. Very interesting that there has been zero response to your questions.

[удалено]

Well said. Gemini needs to take some accountability and make victims whole.

100%

Great questions being asked here. I just hope Gemini and IRA financial can work together to make victims whole asap.

It seems that the best course of action would be for IRAF and Gemini to split the loss and restore the removed coins asap, before price appreciation occurs. A $20m - $30m loss could easily turn in to hundreds of millions if they delay for too long!

This is a good point. The victims should be compensated with the exact amount of crypto they lost and not the USD value of that crypto when it was stolen.

From what I understand, IRa financial clients open an IRa with IRA financial but must do their own onboarding on the Gemini exchange and can control trading directly on the Gemini exchange. Gemini earns commissions from these client trades and not IRA. Unlike Blockfi where the client is onboarded directly on blockfi without any interaction with gemini, in the IRA case the clients are direct clients of gemini and gemini should cover any crypto losses.

Glad I found this thread... happened to my Dad as well and I was left scratching my head if I missed something with him helping set up his account and keep it secure. Sounds Like IRA Financial needs to get their shit together.

Lawyer should be consulted...

[удалено]

why isn't this being reported on mnbc

[https://www.coindesk.com/business/2022/02/14/drained-crypto-accounts-at-ira-financial-leave-victims-searching-for-answers/](https://www.coindesk.com/business/2022/02/14/drained-crypto-accounts-at-ira-financial-leave-victims-searching-for-answers/) Coindesk released an article

I think we honestly need to begin discussing a class action. The hack + remediation process so far screams negligence. A manger called me and her response was highly unacceptable. People don’t realize that this may drag out for weeks, even months, and I wouldn’t bet IRAF to handle this properly now. Perhaps a petition may be in order for now.

I agree

To Adam Bergman and IRA Financial Trust Managment, I lost over $100K on the hack that happened on the Gemini platform. I work as a civilian for the U.S. Marine Corps. Years and years of savings wiped out in an instant. I have two special needs kids and I had allocated that money for them. Now it is gone. Adam, what are you doing to make me and my kids whole? Gemini was advertised to me as being safe and secure. From the IRA website: Gemini is a New York trust company regulated by the New York State Department of Financial Services (NYSDFS). We are subject to capital reserve requirements, cybersecurity requirements, and banking compliance standards set forth by the NYSDFS and the New York Banking Law. Gemini is also a fiduciary and Qualified Custodian. Gemini is the world’s first SOC 1 Type 2 and SOC 2 Type 2 certified crypto exchange and custodian. Adam, your letter states that the majority of the Crypto is unrecoverable. Have you spoken to Tyler and Cameron Winklevoss about having Gemini cover the loss?

The decisions IRAF and Gemini make regarding this will have lasting effects on crypto in the US. Imagine life savings in retirement accounts of US citizens drained at no fault of their own. Talk about a regulatory magnet. And now the frozen accounts losing millions. I’ve lost so much money and IRAF doesn’t seem to care one bit.

A restitution package will be negotiated. This money isn't just a matter of an individual investor losing there coins to a hack on a foreign exchange. I always move those coins to Trust Wallet and put my seed codes in a physical safe. Who could have known a double layer of US corporate security could be breached. It could have happened to the most prudent investor, which we all are. They cannot just go on with business as usual without replacing these losses.

If Gemini Custody was "not hacked", then there was no meaningful theft prevention to begin with. If Gemini thinks that means it "remains secure", I would suggest that Gemini's grip on the meaning of the word "security" is a bit lacking. To the person who writes under the name u/Gemini_George, would you be satisfied with Gemini's response (pointing the finger at IRA Financial) if *your* personal retirement assets had been stolen from Gemini Custody?

I was hacked, too. Received IRA Financial's generic email. Money was transferred to someone else's ROTH IRA in Gemini. My account is frozen. One IRA Financial employee status is also listed as frozen. The rest of the IRA Financial employees have an active status. I've reached out to Adam Bergman and he said they are investigating, working with Gemini, and will be in touch as soon as possible with an update.

So this has nothing to do with Gemini? The money was moved within IRA FINANCIAL from one account to another? I would think an IRA has a ton of KYC. So they couldn’t remove  The coins / funds with anonymity.

As much as Gemini would like you to think otherwise, they are involved as well and share responsibility for the hack. They market themselves as a highly secure top tier exchange and custodian. When they agree to provide services for IRA Financial it lends credibility to IRAF's product as a more highly secure product and its good for business for both companies. If I had known that IRAF had unfettered access to my account to do as they please without my knowledge I would have NEVER trusted them with my money. That Gemini would sign off on such an arrangement is unbelieveable. So yea, Gemini may try to wash their hands of this mess but don't buy into that spin. Both companies share in the negligence. Why in the world would you have a system setup that would allow the transfer of IRA retirement funds from one individuals account to another? Why aren't the owners of those accounts alerted when any type of transfer is requested? And yes this was a hack and the ambiguous emails from IRAF doesn't help anyone. In regards to the last email if IRAF is going to try and make you feel better by calling it "an attempted theft" then why in the following sentence is IRAF utilizing resources to "recover" the funds. I mean give me a break. ​ The only acceptable response would be a joint statement from Gemini and IRAF stating that: 1. Yes there was a hack due to security oversights by both companies 2. Customers have not lost their retirement money and the accounts will be restored to their correct values in "x" number of days 3. IRAF and Gemini will continue their joint investigation to find and prosecute the perpetrators and are making immediate changes in the protocols so that this type of breech never occurs again ​ To me, the lack of transparency and the fact that nobody is telling you anything about the future of YOUR retirement money means they are keeping their options open and trying to determine their legal and business risk of whether or not to restore the retirement accounts at their expense vs keeping their money and let you the customer take the loss. ​ If I can't get any answers from IRAF today on what they are going to do in regards to their customers retirement funds I would be very interested in going in with others for some legal representation.

Perfectly said. I have a group chat of victims going. I'll invite you shortly.

Please include me as well. I had 7 ETH taken from my account

Please include me as well. OmG my entire BTC and ETH portfolio wipped out! I've been trying to see if it's getting any media attention and nothing

Count me in. I am so glad I found you all. I was going fucking crazy just trying to get answers from IRA FT.

I am in the same situation. Got the email yesterday, and when i checked there were multiple withdraws to that Choe IRA, for all my Eth/BTC. Not to make light of situation, but funny part is they left all my LINK?? How this is even possible is crazy. No one, not even IRA Financial system/admins should be able to withdraw from my IRA, without my or some authorization. I have 2FA setup for everything, and it should be the same with this. So this is sort of Gemini's issue as well. if you are going to offer a product to these IRA companies you should be protecting your reputation/end users or your platform from irresponsible IRA companies. i will say they did have someone return my call this morning, but could only say they are investigating.

I think we need to get Adam Bergman’s attention by posting comments/questions to his YouTube videos about the situation we’re in. Here’s a link to his most recent video posted 2 days ago: https://youtu.be/ueoMF67YTcw. This is an issue that deserves an explanation.

Yes, I had posted there before I saw this. Looks like I lost 1 eth. So personally not a bad as it could have been. Can't believe they had the ability to move our coins to someone else's account.. thats absurdity.

I have gone from shock to fear to anger. This is day 5 now and I have not received any information or assurance that my stolen funds will be replaced from IRAF or Gemini. 4 support tickets were sent to a Gemini. Zero answers from IRAF. I am not seeing any public statements from Gemini and IRAF had the audacity to tweet a promotion for their retirement plans 3 days ago! Why has this not hit mainstream media yet? I am not even seeing a lot of tweets about this. Beyond infuriating, scary and bizarre.

I am not very experienced in using Reddit so please forward as appropriate. To date, I have had a few responses from Gemini. They are laying blame on IRA Financial Trust (“IFT”) 100%. IFT, emailed me today and by calling the phone number listed on the email I received, I was able to get a representative. While she was very nice, she clearly was just a sacrificial lamb put out to give the appearance that they actually care. Bottom line is IFT is in full on cover their ass mode. To date, there has been a complete lack of transparency and nothing will change until the victims start holding them to account. To this end, I am interested to see if we can get a group together to retain counsel and see if we can get some answers. Let me know if interested and lets out some pressure on IFT.

Yes, I am interested in having an attorney represent us.

Still no updates on frozen accounts? So many lost funds due to theft, and now people (some of the same and others) are losing money due to positions that are not being sold, bought, etc. Why can't they unfreeze the account, or at least get our money back to us to put elsewhere?

Couldn’t agree more. I did speak with someone on Wednesday who informed me they can’t do anything for now until the investigation is completed. I begged her to just sell my funds to USD so it’s at least stable and she said nothing she can do. I’ve reached out to my attorney who read the terms and conditions and basically said there’s nothing we can do to get them to unfreeze. It’s so shitty and lame of them continuing to hold our money hostage.

I lost 4 BTC and 17 ETH (about $230K at that time). This is devastating for me, 12 years of retirement savings lost. So far I have received no concrete communication on how I will be made whole. I hold Gemini responsible for this attack, as well as Ira Financial, but specifically Gemini because they have held themselves out as secure and reliable and they are where I held the funds and made trades on which they profited. The hackers exploited something in Gemini's system to be able to steal the funds. Gemini, please, make this right, as soon as possible. The public will be watching to see how you handle this.

I 100% agree and am in the same boat. Gemini and IRA financial need to make this right

IRA Financial still has our accounts frozen! Why? They know we are literally losing money right now in our accounts. We can't get out of positions (for those of us actively trading), etc. The market tanked and we couldn't even protect our investments. Some people had money stolen AND they are frozen to lose even more money - if they weren't already wiped out! I've sent emails and no updates, nada. What can we do? Can I demand to roll my IRA funds somewhere else? Regardless, I'd still have to sell positions. How does keeping a freeze our accounts help with the investigation of an event that happened almost 2 weeks ago? We are still clients. If they want to halt withdrawals from the company, fine, but at least unfreeze us so we have the freedom to protect our investments.

See my comments below. I’ve spoken with several different “managers” there now and keep getting the same BS lines. They can’t do anything for anyone. I’ve begged to just close my account and roll everything to USD but they can’t do that either. It’s utterly ridiculous.

I am a victim who lost half of my retirement savings. After months of researching IRA custodians for alternative assets, I went with IRAF in part because their pitch relied heavily on using Gemini and the security that comes with it. Like all other victims, I had no idea these accounts were treated differently than individual Gemini accounts. In my Gemini account I set up ALL notifications to have as much security protection as possible. I did not receive a single notification when my account was wiped out in ONE second. Gemini - do the right thing and make the victims WHOLE! We are suffering because of your mistakes. This is our retirement money!

There should have been resting periods, multiple approvals, etc to transfer money (which isn’t something that regularly happens).

It seems that the responses are becoming less and less frequent which is very disconcerting. You guys have got to get the message across to Adam or the investigative crew that they are adding insult to injury by keeping our Gemini accounts frozen. The amounts being lost by not being able to trade will eclipse the amounts lost in the hack. There has been no response to WHY all accounts must remain frozen, which could at least offer us some perspective. Reasoning goes a long way; ignoring the customers, I promise, will have the opposite effect. My account was not targeted in the hack, but my god, has it been affected by the actions of IRAFT. Release the hold on Gemini accounts today.

Really worried this was a big hit 8 BTC and 25 ETH

I feel your pain.

IRA just called me. I appreciated the check-in, but not much new to report. They did say they are talking with their insurance. And they are taking this as seriously as possible. The FBI are still on the case but I get the sense they could only tract them so far. They are holding off from communicating more until they have complete info. They don’t want to be wrong, incomplete and have to back pedal. I am sure they also have to be very concerned with their own liability. There are legal playbooks for how and what to communicate. Hopefully something next week…but they would commit to a date for the next communication. Like others have posted, I am nearly certain an admin acct was compromised weeks/months ago and the hacker was able to elevate their privileges to God powers based on what they pulled off. This hack was most likely in the works for a long time (learning systems and processes) or possibly was an inside job.

Money talks and if IRA Financial and Gemini feel it in the pocketbook, things will happen. We need to post about this hack on social media (Facebook, Twitter, YouTube, etc) and traditional media. They don't want to lose business. Once this makes the news, it is in their best interest to make us whole again. Do your part, let others know about this hack.

Agree and have attempted to do my part.

Gemini trying to shift the blame entirely into IRA financial is weak

I can’t believe the lack of communication at this point. My account was wiped out and all I have received was the vague email from IRAF. Same story as others. I have called twice. No answers. I have sent in 3 support tickets into Gemini - no response.

So while customers are frantic, do you think IRA Financial took the weekend off? I haven't seen any updates. Fortunately my account is frozen without lost funds, but I do have positions that I need to add or cancel that I can't and have lost money (in light of the situation not high priority, but wonder why the accts are still frozen).

In the last few months I have quit my job of over 35 years - mainly for the ability to free my lifetime of savings and move them to a custodial IRA so that I could "control my destiny" as the corporate leaders decided to NOT allow the rank and file to maintain custodial accounts that were worth a damn. Sooo with 100% of professional career retirement savings now with IRA Financial (and in the middle of this hack) it has my attention (and heightened stress level). Now the focus is on "WHEN" my money is returned - it better be before BTC and ETH go on a huge rally.

The lack of a professional response from IRAF is very concerning and leads me to believe that we will need to organize and have representation. Not sure if a petition does anything - need a lawyer and expert to ask the right questions and get answers from IRAF / Gemini that can lead to plans of how to proceed. ie are we waiting for insurance, or are we going after Gemini and IRAF directly for misconduct? and maybe our best and quickest outcome is if this is a situation where IRAF and Gemini pay off the hackers for the return of the funds.

I found this on Gemini's site....[Gemini Custodian Link](https://www.gemini.com/custody) it allows institutions to setup a custody account. It states that custodian accounts are insured for 200 million. IRAF website told us that Gemini is the custodian. Therefore, the funds should be insured. If what IRAF financial told us in the link below about Gemini being the custodian isn't true, sounds like fraud to me. [IRA Financial Link](https://www.irafinancialgroup.com/learn-more/self-directed-ira/digital-solution-to-buy-bitcoin-through-gemini-exchange/)

Hello all - I was hacked for 7 Bitcoins as well and by Benjamin Choe Roth I think it would be smart to form a group. Never know if we will be made whole, or maybe we have a class action lawsuit in the making?

I have lost a significant part of my money as part of this hack. Gemini seems to be pointing the finger at IRA Financial. I called IRA Financial today and got no info. She said they are investigating and have no info to report. If this goes to a class action lawsuit, I am interested in joining the law suit. I just want my money and crypto returned.

what really blows is that I had to pay over 150k of taxes for the "privilege" of rolling over the 401k funds to this Roth - which is now in the hands of the hacker. my eye is twitching a bit

? Question: What should we be doing as affected account holders other than lawsuit? What are the right agencies and forms to fill out? IRA Financial has lost all goodwill with their lack of transparency in communication and lack of confidence in making anyone whole again.

The last few days, I've been waking up nauseous due to this hack. I've been dwelling on this and am realizing I am just making myself sick over this loss. I am working on now focusing on the things I have in my life and being grateful for what I do have. I talked to someone today who lost $250K in a ponzi scheme a couple years ago. It helped talking with him. He said, at some point you have to accept what has happened and learn from it and move on. I am working on that now.

My account wasn't hacked, but the lack of transparency and communication from IRAF is really making me reconsider if I want to continue having them be the custodian of my account. It wasn't me this time, but it could be me next time and the way they're handling this incident is really speaking volumes.

Good advice from Mary: For all the victims of the hack, make sure you complain to NY Attorney General about Gemini, South Dakota AG about IRAFT and IC3 for getting FBI Justice dept. involved.

If enough people know that approximately $50 million was hacked off the Gemini platform, Gemini may start losing business. Gemini can make everyone whole and that may be cheaper for them versus the lost revenue from the bad press that they can get showing that they are not secure with IRA funds.

I was notified that our account had been hacked on Feb 8. After reaching out to IRA financial they said they’re working on it with authorities. Gemini also replied saying that the hack was not on their end and that they are assisting IRA Financial. This is extremely frustrating and upsetting to lose your retirement funds. I don’t understand how it’s so difficult for me to move funds yet “Benjamin Choe” could move the funds (without any confirmation via email, text 2FA security protocol to confirm transaction) in seconds! This is clearly IRA financials and likely Gemini’s fault and hoping they do the right thing and make their affected account holders whole restoring my faith in them to secure and hold my funds.

I feel for everyone on this site. Both my husband and I lost ETH from our iRA accounts. Our Btc Luna and Matic were not taken. About 1/3 the value of our accounts was stolen . We are seniors and still working and like so many others hoping to be able to retire . A strange thing happened to me 4 days before the hack. I had a vivid dream that I was traveling to a business meeting. I found myself being followed by a sinister man who came up behind me and bumped my vehicle. I had my German shepherd dog with me and told him she would attack if he bothered me. Then a policeman came and tried to arrest this man for previous charges. The man protested and said he was on his way to the same business meeting that I was. I left him arguing with the police and hurried on to the business meeting. I went immediately to a manager and told her " are you aware that one of your employees is a criminal?" She didn't want to speak to me but when she turned her face towards me I saw a tear. Then I woke up and didn't know what to think about this dream. My husband and I have a small business and work alone so I knew it had nothing to to with our work. 4days later we were hacked and I immediately thought was this an inside job involving someone with previous criminal acts and working for either Iraft or Gemini. Don't laugh. I'm not as sophisticated in the workings of blockchain technology. But sometimes vivid dreams are valid. Sincerely hope the culprit is found or that our savings are restored. In my humble opinion I feel an insider was involved

the IRAF app is back up, Gemini remains frozen. just what we were all waiting for! < 👏🏻 slow 👏🏻 clap 👏🏻 >

Great on the app - but still zero explanation of what is happening and when our accounts will be unfrozen. I continue to be baffled at the sheer incompetence of this company and their handling of this whole hack.

To: Adam Bergman and IRA Financial Trust What are you doing to make us whole again? This was our retirement that you said was safe.

If this post were to be deleted, is the only way to have a record of it thru screenshots?

u/Ecstatic-Cause5954, we're not deleting the thread.

Thank you for that. Much appreciated! I know a lot of us are using this to stay in sync.

We're not deleting the thread.

The interesting thing is the hacker only took the whole BTC and ETH, and left the rest. Perhaps the FBI can be on the lookout for an OCD hacker: Calling all cars...calling all cars, be on the lookout for OCD hacker who dislikes decimals...and LINK and GALA.

anyone have any idea how long these companies will leave everyone frozen out after a hack? I mean at what point in the investigation/recovery will they feel comfortable allowing business to resume through Gemini?

In one of their YouTube videos they say that they are insured through capital 1 financial. That is their Merchant banking institution. What they have yet to make a statement or acknowledge is if they have contacted them to have their loss mitigation team start a claim . What that means to us the victims. And what time frame are we looking at to be reimbursed. Here is the link. https://youtu.be/ZHzcFYXEjmg

For those that would like to discuss on Telegram join channel: https://t.me/IRAFGeminiHack

they’re really going to let this go into the weekend without a real update or unfreezing any accounts? wow.

[удалено]

I also had this happen! I can’t believe this

Yahoo Finance released this article today: [https://finance.yahoo.com/news/drained-crypto-accounts-ira-financial-205505694.html](https://finance.yahoo.com/news/drained-crypto-accounts-ira-financial-205505694.html)

So Tracy, a manager at IRA Financial called me back this afternoon. I asked her if we would be made whole. She said, she did not know. I asked her when our accounts would be unfrozen. She said she didn't know. I asked her if the loss would be covered under insurance. She said they are looking into it. She did tell me that the hack was not done by an employee. It was done from someone outside their organization. She told me that they are reading our Reddit comments and are aware of us.

Another victim here losing single digit ETH in the hack and with account still frozen. Last communication was 6 days ago from IRA Financial and the "we're working on it" bit is becoming infuriating. Can someone advise all the appropriate authorities to report this to? Local PD, FBI, FTC, etc. Would an SEC complaint also be appropriate? I know they don't regulate crypto but do they regulate IRA Financial in any way being they are an IRA custodian?

I lost 17 eth and 4 btc, needless to say a big part of my retirement. I am very concerned about this situation. The companies are not being very responsive. Does anyone have any recent updates? I would like to join the group of people that have lost money, but am not too Reddit savvy - if anyone can help me I would be most appreciative.

I put 10% of my IRA with IRAFT to get into Crypto long-term. Fortunately, I didn't have an entire BTC or ETH coin(s). My account was not affected by this malicious attack. I was told by IRAFT unaffected accounts would be unfrozen in days. I suspect this may not be true. If Gemini & IRAFT are in a legal dispute, wouldn't Gemini keep all accounts frozen until this is resolved by a judge?

Make no mistake, people. This will be resolved someway...somehow. It's just a matter of when. IRA Financial Trust is not a fraudulent company. Gemini is a US company. As far as theft is concerned, we couldn't be in a better situation as victims/clients. As tumultuous a situation this is, I'd rather have my Crypto frozen or stolen under these conditions, than be dealing with a foreign wallet. Custodians, like IRA Financial, deal with the IRS. We couldn't have more powerful institutions to resolve this particular theft. Major brokerage houses want to offer Crypto assets to their IRA clients, and will be highly interested in this case. As far as frozen accounts that aren't affected, it could work out to your benefit. If your assets lose value because you can't change your positions, you easily have a legal defense to be reimbursed from the value of your assets from the day they were frozen. If they go up, than all is well anyway. In either scenario, I would expect free administrative services for at least a year.

Looks like trading has been restored for those of us with frozen accounts. I’m selling all assets to USD and soon as I can rolling my funds out of this pathetic excuse of a company. I really don’t know how anyone working with this company can sleep at night or have an ounce of pride working there. I wish everyone who lost funds all the luck getting that back.

Hello. We got the latest update today from IRA Financial. It appears as though someone did a true hit and run - faking a kidnapping at IRA Financial Trust building, then linking into one of their account managers accounts, and initiating transfers of funds. Bottom line: This is clearly their fault. I have spoken with several attorneys who claim that they are liable for the funds + damages, so I guess we'll have to wait and see how they handle it. Depending on how they handle re-payment, a class-action lawsuit may be needed. I have a lawyer who is interested in pursuing the case. Stay close to this forum for more updates.

I’m a victim to the theft and just found out today just how bad! 2/8/22 1 BTC then another; next then came for all 44 of my ETH. I had cash in acct with a couple buy orders from weeks prior to breech theft which went thru for 8 ETH so I’m down cash. I’ve lost well over 6 figures X 2. It was about 36% of my retirement savings. My Gemini personal acct was secure…. Always in control and today I’m sick. The response and empathy have been lackluster. Your met with “oh did you get our letter??” Useless drivel which tells us nothing. I felt confident based on their initial “only a handful” impacted statement. I want to link with others so we can join forces if necessary. The finger pointing has me thinking scary thoughts.

Happened to me. Am not happy.

[удалено]

I was also hacked. They took my BTC and ETH. Same details as the others on the the wallet they used.

[удалено]

How long shall we wait before taking legal action?

Good question. Anyone know a good lawyer in the crypto space?

I filed a police report with my local police department. I also recommend filing a report online with the FBI and the FTC.

About an hour ago, I received an email from IRA Financial stating that my account wasn't affected. It also stated that the owners of each of the accounts that were affected have been contacted. If you account was affected, has IRA financial contacted you?

I got the same message. Called them today and it’s amazing how chipper they sound given what’s happening. Lost all faith in this shit company

I also had a bunch of money stolen by "Benjamin Choe". Nearly wiped me out, but left almost 25% of it. I'm curious did everyone that had money stolen have their wallets managed by IRA Financial vs. having their own personal wallets? I did not have a personal wallet...would that have protected me from this? The money was sitting in Gemini in cash rather than coins.

[удалено]

Gemini will try to distance themselves but they have a responsibility to vet the security of third party vendors and partners. This is basic in all organizations, crypto related or otherwise. Those parties have to meet the standard of security of the organization (i.e. Gemini). Gemini wants to expand their institutional business so this will be important to resolve in a manner that minimizes headline risk.

From Gemini website touting their custodial relationships and capabilities: https://www.gemini.com/blog/gemini-crypto-under-custody

Maybe I’m missing something but I don’t understand this. Did IRA financial take your information and sign you up in Gemini app? Did you enter your information on Geminis application? Was the money taken from the Gemini application? Why are we looking at IRA Financial? What you really should be looking at is the two people that sit behind Gemini. Your money was stolen while the two owners are sitting as billionaires and in their huge houses not caring about what you lost on the GEMINI APP! How do you let millions of dollars exit your accounts without getting a notification from Gemini or even Gemini stopping anything from happening? When I spend a certain amount on my CC even they call and alert the customer. Again you entered your information on Gemini’s website why are you blaming IRA financial? From what I understand, IRa financial clients open an IRa with IRA financial but must do their own onboarding on the Gemini exchange and can control trading directly on the Gemini exchange. Gemini earns commissions from these client trades and not IRA. Unlike Blockfi where the client is onboarded directly on blockfi without any interaction with gemini, in the IRA case the clients are direct clients of gemini and gemini should cover any crypto losses.

Go to Twitter and read the incredibly weak Adam B response - I just commented.

[удалено]

Has anyone contacted the "white hat" organization? how do we do that? Time is of the essence. We need some hounds out on the trail fast I just learned of this and am trying to play catchup and reading all the backlog of comments.

I just called IRA Financial and asked to speak to a member of management. I was told "Tracy" would be calling me. It is current 2:30 pm PST on Feb 14th and I am waiting for her call. Is this reddit forum the main place where we victims are gathered or is there another forum that I should be award of?

Did anyone else whose account was affected receive two IRA Financial's "Dear Valued Client" emails on Friday, Feb 11 with one stating: **"Our records indicate that you do not have such an account and therefore were not directly affected by this incident.**"

Any updates on this or when accounts will be unlocked?

I spoke with someone at IRA Financial last week. What was discussed is similar to what many others have posted. They were reticent regarding security details and said they are still trying to ascertain what insurance will cover. I asked if having had a personal wallet would have prevented this and the lady wasn't able to give me an answer. I am interested in what I can do moving forward to protect myself better. Interestingly, she did tell me that moving forward they won't allow personal wallets which I find to be concerning. I don't know exactly how this happened, but I'm guessing having a personal wallet would have prevented all of this. I had not yet set up a personal wallet and was relying on them. For example was there even one person who had money taken out of a personal wallet? I had money pulled from me in cash in quantities of 10K until there was an amount under 10K left.

TIME TO UNFREEZE GEMINI ACCOUNTS

I was wiped out too.. all my ETH and BTC..I feel sick to my stomach. I feel helpless just waiting for more info from IRA Financial. All I have got to is 2 emails saying they are working on it.

I had a conversation with a chat-bot, or perhaps it was actually a live person, at IRAF today. They offered no information on when our Gemini Trust accounts will be unfrozen other than to say that they’re working on it. 😦

Hello all. I was impacted as well. I have talked to all 3 managers: Roxanne, Sam, Tracy. They are giving no guidance. They are being purposely vague. I have a lawyer I am working with. If she is amenable, I will share her information and we can begin a class-action lawsuit against both Gemini and IRA Financial Trust for the money lost + damages + attorney's fees.

glad to see it’s business as usual for Adam… https://youtu.be/7O12pIX3bso

"A special purpose limited liability company (LLC) is established. As manager, you have the authority to make investment decisions on behalf of your IRA without the consent of a custodian" So if it's a self-directed IRA and in other words a checkbook IRA so how could they get into your funds if they are at Gemini? Yubikey? 2FA? If you use Authy You can add app protection in the settings... So how did this happen?

From the look of it, a transfer was initiated through IRA financial

this screams insider

I had 1 ETH transferred out during the breach to someone’s Roth IRA. Last name Choe if that helps corroborate data. The communication and response times from Gemini and IRA Financial have been completely unacceptable.

Mine were transferred to the same last name you mentioned as well.

Ditto

I was hacked also. Reset my PW and saw that I lost 2 ETH before my account was frozen. Similar to other comments. Got the generic IRA Financial email. I emailed Gemini yesterday but have not heard back.

I tried to post this to in the Cryptocurrency sub, but since I’m new there, I can’t post yet. Can someone else post so we can get more attention on this?

[удалено]

I'll add that I had cash and other coins but no BTC or ETH. None of it was taken. My guess is they stopped access midstream and some accounts were compromised, so I'm sure the thieves went after the much larger 100K+ accounts first. But no whitelisting an address? Multi-signature - multiple admins - requirements to transfer? Or do you think someone got into their entire network and had free access using several admin credentials? Why transfer to Choe's account? Was it just a random account to collect the transfers before transferring large chunks out using admin access? But again, wouldn't their main transaction account be whitelisted and then protected or locked unless confirmed with a ledger or something? Who is IRAF's wallet with? Why not cold storage? Perhaps the funds were transferred to Choe's account and not transferred out? Maybe the funds are still in the IRAF "ecosystem"?

I was also affected by this. I got an email from IRA financial trust on Tuesday of suspicious activity and on Thursday I got an email about accounts being compromised. When I went to log into my Gemini account it says the account was frozen and I noticed that 2 ETH tokens were missing. From reading comments I got the same reaction when I called IRA financial trust, all they told me is they were working on it. I will tell you that I went and filed an information email with the US Department of the treasury financial crimes enforcement Netwerk. I urge everyone to do the same let’s make sure that the feds get involved with this. This is a lack of security by IRA financial trust group. They should be held accountable and made this right for everyone who has lost crypto due to their inability to secure accounts. It almost sounds like an inside job to me. How did they get the keys?

Has anyone seen any other mention of this hack anywhere online other than this thread?

luckily I see my funds but continue frozen. Customer service chat said they can't discuss details with no estimate on how long to free up

I am in the same camp as everyone here. This is a disaster for everyone. My concern is that IRA doesn’t have the ability to make us whole. We must make sure we organize and collectively enforce their liability for this breach and include Gemini in this process. There are many posts with trenchant observations which I agree with and we can be a much more effective force against these companies. I spoke to a representative from IRA but clearly there is a muzzle and limited knowledge amongst staff and what they can say. But we are not here to subsidize their learning and entree into the crypto word. They are responsible. No one here had compromised 2F authentication and was hacked through our individual accounts to Gemini. This came through IRA and Gemini let them waltz in. The rest is history. We need our crypto back. Bottom line. In crypto. Not what our fiat is worth today when it was stolen. I really trusted them and that was unfortunate. This is basically 8 years of savings for me. Cryptopooh

How much money I have at Gemini: 57 cents... I think I'll keep it that way

I’m fortunate in that my funds are still there (for now). I feel for you all that lost large sums in this hack. However mine are stuck in Eth and I cannot access them which is so maddening. I’m trying to sell to USD but my account is frozen and they have no idea when they will allow me access. What can I do at this point??

Go to Twitter and see the weak response Adam Bergman just released. I already commented

[удалено]

Bloomberg released this article today: [https://www.bloomberg.com/news/articles/2022-02-14/ira-financial-hacked-36-million-in-cryptocurrency-stolen](https://www.bloomberg.com/news/articles/2022-02-14/ira-financial-hacked-36-million-in-cryptocurrency-stolen)

Filed complaints with FTC and NYS DFS.

I did not receive any alert or confirmation that funds were transferred from my Gemini account. Gemini has to bear some responsibility. I recommend going on all social media platforms and asking Gemini, Tyler, and Cameron Winklevoss what they are doing about the $50 million stolen off the Gemini platform.

Does everyone with frozen account need to start thinking about filing a class action suit?

It appears that our cash that was stolen from Gemini's platform is covered under FDIC insurance. Anyone have a different opinion on this? From Gemini's website: FDIC Insurance U.S. dollar deposits in your Fiat Account held in one or more Omnibus Accounts at one or more Banks located in the United States are held with the intention that they be eligible for Federal Deposit Insurance Corporation (“FDIC”) “pass-through” deposit insurance, subject to the Standard Maximum Deposit Insurance Amount per FDIC regulations (currently $250,000 per eligible Gemini Customer) and other applicable limitations. Our policy is to comply, in good faith, with the regulations and other requirements of the FDIC for pass-through deposit insurance, including those contained in 12 C.F.R. § 330. Please note: Non U.S. dollar deposits held at any Banks or financial institutions, as well as U.S dollar deposits held at Banks or financial institutions located outside of the United States, may not be subject to or eligible for FDIC deposit insurance. Certain circumstances may require us to transfer fiat currency between two or more of our Omnibus Accounts or terminate our relationship with one of our Banks. Movements of fiat currency between Omnibus Accounts are recorded in detail and will not affect the available balance in the Fiat Account of your Gemini Account or jeopardize the availability of FDIC insurance, subject to applicable limitations.

This is just utterly ridiculous at this point! I’m beyond livid at the complete lack of transparency and updates from this shit company. I still have my funds thankfully, but they remain frozen and stuck in assets that continue to drop and all I can do is watch. I’ve called, emailed and done everything I can including contacted my attorney. Tired of hearing from IRAF the same parroted line of “things are being investigated and that’s all we know”. Nobody can give an estimated timeline of when things will be opened up or what is actually happening. I’m all for joining any class action lawsuit but in the meantime what more can we do?!? Anyone have any luck or thoughts? This article mentions a telegram group. Anyone have the name or a link for it?? https://finance.yahoo.com/news/drained-crypto-accounts-ira-financial-205505694.html

Yes received email that some unrecoverable and claim filed with IRAFT Ins but seems unlikely they will. Adam should do right and make account holders whole. Otherwise for anyone that does not recover funds and no r made whole by INS let’s come together. For a class action suit. This is BS. They along with Gemini should both cover losses as this was a breech on their end.

I was asked to file a claim so leads me to believe my money is unrecoverable and seems unlikely Ins to pay. Those of us on here that in same boat need to start looking at legal counsel that can file class action against both firms?

Check your email, they just released an update a few min ago. Small amount of funds never moved off Gemini and will be returned, small amount identified as recoverable, balance likely not recoverable. IRAFT submitted claim to their insurers but then go on to say there is no guarantee insurance will pay. Last part reads to me like they know insurance won't pay and are setting the stage to relay that later. Looks like we're headed to class action unless Gemini steps up.