Trezor Security Alert: Be Prepared for Potential Phishing Attacks | Posted by SatoshiLabs | January 2024
- Did this violation affect me? How do I know if my contact information has been exposed?
If you have received a notification email (from: noreply@trezor.io) regarding a security issue, your contact information may have been among the information exposed by malicious actors on the third-party support ticketing portals we use. Again, although we have not yet received definitive confirmation or denial of this exposure from the third-party provider, we have decided to take proactive action.
- Can you provide specific details about the nature and scope of the data breach?
On January 17, 2024, an unauthorized individual accessed the support ticketing portal through a third-party support platform. The names and email addresses of customers who previously contacted Trezor support were exposed. Based on internal audits and specific information from third-party service providers, we believe that no other personally identifiable information, such as postal address or phone number, was exposed.
- How many customers are affected by this incident?
A total of 41 customers were directly contacted by the malicious attacker via email. These users were asked for sensitive information related to recovery seeds. However, information received from third-party service providers indicates that the contact details (email and name/nickname) associated with up to 66,000 users who contacted our support team have been accessed since December 2021.
- In addition to email addresses, was there any other type of personal or sensitive data that was compromised in the breach?
Information disclosed was limited to the name/nickname and email address of the customer who contacted Trezor support. It is important to emphasize that customers’ mailing addresses and phone numbers are not published.
- How did this breach affect Trezor’s operations or services?
Your Trezor device will remain completely safe and secure. A small number of users are at risk of increased likelihood of phishing attempts. As with all such initiatives, we advise our customers to remain vigilant and follow cybersecurity best practices. Customers can find information about this on the Trezor website.
- How can users ensure that their interactions with Trezor Support are legitimate?
The most secure way to access our support is through our website. As phishing attempts become more sophisticated, we advise users to remain vigilant. Trezor’s legitimate representatives remind users that they will not ask users for seeds. Do not share your recovery seed with anyone. If you have any doubts, please contact support.
- Why doesn’t Trezor do a better job of protecting the data exposed in this incident?
Data was exposed due to unauthorized access to a third-party support ticketing portal we use. Unfortunately, while collaboration with third-party service providers is often essential in a global business environment, it comes with inherent challenges. Despite our limited influence over these external entities, we prioritize the protection of sensitive data, including addresses. We regret any concerns this incident may cause and are actively reevaluating our relationship with the third-party vendor in question to strengthen our data security measures.