Trezor Issues Security Alert Following Phishing Attack and Data Breach
In a recent security alert, Trezor announced a breach in its support ticketing system, potentially exposing the personal contact information of over 66,000 customers and raising the alarm for possible phishing attacks.
Trezor Alerts Users to Phishing Risk After Security Breach
Satoshilabs, the company behind the popular cryptocurrency hardware wallet Trezor, has issued a critical security alert. On January 17th, 2024, Trezor identified unauthorized access to a third-party support ticketing portal, potentially compromising the contact details of up to 66,000 customers.
The breach was first detected at 20:20 CET, and Satoshilabs immediately took measures to prevent further unauthorized access. While the security of users’ digital assets remains intact, the incident has raised concerns over the potential exposure of customers’ names and email addresses since December 2021.
In response to the breach, Trezor has reached out to all potentially affected users, warning them of increased risks of phishing attacks targeting their recovery seeds. Although no recovery seed phrases have been disclosed, 41 users were directly contacted by the malicious actor via email, requesting sensitive information.
Trezor’s internal audit indicates that, in addition to the 66,000 potentially exposed users, 8 people who created accounts on their trial discussion platform might also have their contact details compromised.
The company has emphasized the importance of vigilance and cybersecurity best practices in light of this incident. Trezor assures its customers that their hardware wallets and funds remain secure, reiterating that they will never ask for recovery seeds through any communication channels.
As a precaution, Trezor has urged all users to be cautious of unusual or suspicious contact attempts and to verify the legitimacy of any communication purportedly from Trezor Support.
The investigation into the full scope of the data breach is ongoing, and Trezor is working closely with the third-party service provider to resolve the issue. Affected users are encouraged to reach out to Trezor’s support team for any concerns or to report suspicious activity.
Do you consider this to be a major or minor security breach? Share your thoughts and opinions about this subject in the comments section below.