On Monday, the IRA Financial Trust, a platform that provides self-sustaining digital asset retirement and retirement accounts, filed lawsuit against cryptocurrency exchange Gemini for alleged negligence in protecting customers’ digital assets during a critical exploit. The firm’s client accounts were in the custody of the Twins. On February 8, a hack led to the siphoning of $36 million worth of crypto assets from customer accounts through unauthorized withdrawals.
Since then, both companies have accused each other of being responsible for the loss of funds. To complicate matters, the allegedly fake 911 call coincided with the timing of the break-in, which drew many IRA Financial Trusts employees away from their jobs. To avoid single points of failure in their security systems, Gemini has several security features such as two-factor authentication, whitelisting of withdrawal addresses, and fraud detection algorithms.
However, the IRA Financial Trust argued that there was a single point of failure in Gemini’s API systems instead. The firm said there is a master key for customer accounts with the ability to bypass all built-in security measures. “Hackers were able to gain control of the IRA’s master key by committing crimes.” The release is just announced.
One scenario is that a series of alleged unencrypted and unsecured email exchanges between Gemini and the IRA Financial Trust served as the background for the hack. The IRA Financial Trust denies that the Twins informed it of the power of the “master key” at all. The lawsuit comes less than a month after both sides attempted to settle the matter out of court.
Cryptooshala reached out to Gemini representatives for comment, but did not receive a response in time for publication.
Credit : cointelegraph.com