Trezor discloses 66K users affected by phishing attack
Hardware wallet Trezor has flagged a security breach that exposed the contact information of nearly 66,000 users, according to a Jan. 20 announcement.
Trezor identified unauthorized access to a third-party support portal on Jan. 17. Users who have interacted with Trezor's support team since December 2021 may have had their data accessed in the incident, said the company.
"Although unconfirmed, we consider it our responsibility to inform our affected users of the possibility of their contact details having been exposed, and at risk of a phishing attack," noted Trezor. The company said to have emailed all the 66,000 contacts to notify them of the incident.
"We want to stress that none of our users’ funds have been compromised through this incident. Your Trezor device remains as secure today, as it was yesterday."
At least 41 users received direct email messages from the attacker requesting sensitive information about their recovery seeds. Furthermore, eight people who created accounts on the same third-party vendor's trial discussion platform also had their contact details compromised.
Screenshot of the email received by users from a malicious actor. Source: TrezorPhishing is a type of cybercrime in which attackers impersonate a trusted entity in order to obtain sensitive information from individuals. Phishing is often used to steal sensitive data, such as login credentials, credit card numbers, or other personal information.
According to Trezor, no recovery seed phrases have been disclosed as a result of the incident. The company also claims to have alerted users that received emails within an hour of the incident.
"The potential exposure of email addresses might be harmful in the fact that the emails can be subject to phishing attempts. As of now, we have not observed any spike in phishing activity as a result of this security incident."
Trezor is a popular manufacturer of cryptocurrency hardware wallets, primarily providing cold storage for digital assets. The company, however, has faced several security incidents over the years.
In March, it warned users about a phishing attack intended to steal investors’ money by asking them to enter the wallet's recovery phrase on a fake Trezor website. In another incident, scammers selling fake Trezor's hardware were able to take over control of the user's private keys.
Magazine: Which gaming guild positioned itself best for the bull market?
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
The Daily: Hyperliquid set for HYPE token launch, MARA purchases $615 million in bitcoin and more
Tax on Bitcoin (BTC) and Cryptocurrencies from Russia!
The Russian Federation Council has approved a new tax bill for cryptocurrency mining and trading.
Tornado Cash Decision from the US Will Benefit These Altcoins the Most!
10X Research founder Markus Thielen assessed the impact of the Tornado Cash decision.
Another Country Makes a Move for Bitcoin! The First Step Has Been Taken for a Strategic BTC Reserve!
Vancouver Mayor Ken Sim has announced plans to add Bitcoin to the city's balance sheet in an effort to diversify the city's investment portfolio.