Trezor is investigating a possible data leak after users report phishing assaults
Numerous Twitter users alerted Trezor to an ongoing email phishing effort targeting Trezor users through their registered email accounts.
Trezor, a developer of cryptocurrency hardware wallets, has initiated an investigation into a probable data breach that may have exposed customers’ email addresses and other personally identifiable information.
Earlier today, on Apr. 3, numerous members of the Crypto Twitter community warned about an ongoing email phishing effort targeting Trezor users, especially through their registered email accounts.
Several Trezor users have been approached by unauthorized actors acting as the firm, with the goal of defrauding naive investors. Users got an email advising them to download an app from the ‘trezor.us’ domain, which is distinct from the official Trezor domain, ‘trezor.io.’
Trezor first thought that the hacked email addresses were part of a list of users who had opted-in to receive newsletters housed on the American email marketing service company Mailchimp.
Trezor stated after more investigation: “MailChimp has revealed that their service has been infiltrated by an insider who is specifically targeting cryptocurrency businesses.”
While Trezor is conducting an official investigation to determine the overall number of stolen email addresses, users are encouraged to refrain from clicking on links from unauthorized sources until further notice.
BlockFi, a crypto-financial institution situated in New Jersey, proactively verified a data breach on Mar. 19 to alert investors about the likelihood of phishing attempts.
As previously reported by Cointelegraph, hackers obtained access to BlockFi‘s client data, which was stored on Hubspot, a customer relationship management platform. As per BlockFi:
“Hubspot has verified that an unauthorized third party had access to specific BlockFi customer data that was stored on their platform.”
While the details of the compromised data have not been discovered or disclosed, BlockFi informed consumers that sensitive data — like passwords, government-issued identification, and social security numbers — “were never saved on Hubspot.”
Also Read: Reddit Now Supports Ethereum NFTs