In a recent announcement on January 20, hardware wallet manufacturer Trezor disclosed a security breach that impacted nearly 66,000 users. The breach, which occurred through unauthorized access to a third-party support portal on January 17, potentially exposed the contact information of Trezor Wallet users who had interacted with Trezor’s support team since December 2021.
Despite the alarming nature of the incident, Trezor assured users that no digital assets were compromised during the attack. Notably, the company has initiated an investigation into the security breach and is working closely with the third-party service provider involved.
The company promptly sent emails to all affected users, detailing the incident and emphasizing that none of their funds were compromised. Trezor acknowledged:
“Although unconfirmed, we consider it our responsibility to inform our affected users of the possibility of their contact details having been exposed, and at risk of a phishing attack.”
Trezor Wallet Users Phishing Attempts and Response
Highlighting the seriousness of the situation, Trezor mentioned that at least 41 users received direct email messages from the attacker, requesting sensitive information about their recovery seeds.
Moreover, according to the announcement, eight individuals who created accounts on the same third-party vendor’s trial discussion platform have their contact details compromised. Trezor clarified that no recovery seed phrases were disclosed, and users who received suspicious emails were promptly alerted within an hour of the incident.
Phishing, a type of cybercrime where attackers impersonate trusted entities to obtain sensitive information, remains a prevalent threat. Trezor acknowledged the potential harm of exposed email addresses, as they could become targets for phishing attempts.
As of now, the company has reported no observed spike in phishing activity due to this security incident. It has prevented any further unauthorized access by “revoking the malicious actor’s access and conducting a detailed audit of its access and operational logs.”
Trezor’s History of Security Incidents
Trezor, launched in 2013 by Czech Republic-based tech firm Satoshi Labs, has not been immune to security breaches. A notable incident occurred when Unciphered claimed to have successfully hacked Trezor’s Trezor T model in October 2023.
However, the cybersecurity firm clarified that executing the exploit required the attacker to physically possess the wallet, possess the specialized tools, and be knowledgeable about their proprietary “in-house exploit” method.
In February, Trezor faced another security challenge when it warned users about a phishing attack aimed at stealing investors’ funds by tricking them into entering their wallet’s recovery phrase on a counterfeit Trezor website.
This is not the end. Scammers peddling fake Trezor hardware managed to compromise users’ private keys in a separate incident. A distressing episode unfolded when a digital asset investor fell victim to a counterfeit hardware wallet scam, resulting in the loss of around 1.33 bitcoin. The fraudulent wallet closely resembled an authentic Trezor product, and the unsuspecting victim acquired it from a seemingly trustworthy seller, as detailed in a Kaspersky report.
As a popular manufacturer of digital asset hardware wallets, Trezor’s commitment to user security is under scrutiny following this recent breach. As the industry faces evolving cyber threats, users are reminded to stay vigilant and follow best practices to safeguard their assets.
Related reading: