Possible data breach for Trezor as users report string of phishing emails

Mohadesa Najumi

Cryptocurrency hardware wallet provider Trezor has begun formally investigating a possible data breach that has affected numerous users and may have compromised their personal information.

The news first came to light when several Twitter accounts warned about an ongoing email phishing campaign specifically targeting users via their registered email addresses.

Phishing is a type of online scam where criminals impersonate legitimate organisations via email, text message or advertisements. They do this in order to steal sensitive information.

One user @Josearkaos wrote:

“Hey Trezor, are you aware of a phishing campaign going on? I just received this email with my actual email address on it. It looked very legitimate”.

The emails falsely claim that Trezor, which has been making physical USB-connected devices since 2014, experienced a security incident yesterday that breached the data of 106,856 of its customers.

By fraudulently posing as Trezor, the scammers are asking users to download an app from the ‘Trezor.us’ domain, which is different from the official domain name, ‘Trezor.io’.

Trezor responded today stating:

“Trezor initially suspected that the compromised email addresses belong to a list of users who opted-in for newsletters, which was hosted on an American email marketing service provider Mailchimp“.

After further investigation, Trezor announced that MailChimp have indeed confirmed that their service has been compromised by an insider targeting crypto companies.

The company has advised users not to click on links coming from unofficial sources. It is only possible to update your Trezor’s firmware or desktop software by visiting the official Trezor website.

Phishing is growing more widespread every year. For example, in the UK, there was a 73% rise in email phishing attacks during the first six months that the Covid-19 pandemic struck the country. According to CISCO’s 2021 Cybersecurity Threat Trends report, about 90% of data breaches occur due to phishing.