{"id":9824,"date":"2022-04-03T10:37:57","date_gmt":"2022-04-03T10:37:57","guid":{"rendered":"https:\/\/nftandcrypto-news.com\/crypto\/trezor-investigates-potential-data-breach-as-users-cite-phishing-attacks\/"},"modified":"2022-04-03T10:37:59","modified_gmt":"2022-04-03T10:37:59","slug":"trezor-investigates-potential-data-breach-as-users-cite-phishing-attacks","status":"publish","type":"post","link":"https:\/\/nftandcrypto-news.com\/crypto\/trezor-investigates-potential-data-breach-as-users-cite-phishing-attacks\/","title":{"rendered":"Trezor investigates potential data breach as users cite phishing attacks"},"content":{"rendered":"

<\/p>\n

\n

Cryptocurrency hardware wallet provider Trezor has begun investigating a possible data breach that may have compromised users\u2019 email addresses and other personal information.\u00a0<\/p>\n

Earlier today, on Apr. 3, several users from the Crypto Twitter community warned about an ongoing email phishing campaign specifically targeting Trezor users via their registered email addresses.<\/p>\n

\n

Hey trezor, are you aware of a phishing campaign going on? I just received this email with my actual email on it. It looked very legit. pic.twitter.com\/GF0Od6llr2<\/a><\/p>\n

\u2014 josearkaos \u26a1\ufe0f (@josearkanos) April 3, 2022<\/a><\/p><\/blockquote>\n

In the ongoing attack, several Trezor users have been contacted by unauthorized actors posing as the company \u2014 with the ultimate intention to steal funds by misleading unwary investors. As part of the attack, users received an email about downloading an app from the \u2018trezor.us\u2019 domain, which is different from the official Trezor domain name, \u2018trezor.io.\u2019<\/p>\n

\n

We are investigating a potential data breach of an opt-in newsletter hosted on MailChimp.<\/p>\n

A scam email warning of a data breach is circulating. Do not open any email originating from noreply@trezor.us, it is a phishing domain.<\/p>\n

\u2014 Trezor (@Trezor) April 3, 2022<\/a><\/p><\/blockquote>\n

Trezor initially suspected that the compromised email addresses belong to a list of users who opted-in for newsletters, which was hosted on an American email marketing service provider Mailchimp.\u00a0<\/p>\n

\n

Wow, @Trezor<\/a>, this is the best phishing attempt I have seen in the last few years. I am really lucky I don’t have Trezor, because if I had, I would probably actually download that update. pic.twitter.com\/DaBN2Oix11<\/a><\/p>\n

\u2014 Tom\u00e1\u0161 Kafka (@keff85) April 2, 2022<\/a><\/p><\/blockquote>\n

While Trezor attempts to identify the root cause of the situation with an official investigation, users are advised not to click on links coming from unofficial sources until further notice.<\/p>\n

Related: <\/strong>BlockFi confirms unauthorized access to client data hosted on Hubspot<\/em><\/strong><\/p>\n

On Mar. 19, New Jersey-based crypto financial institution BlockFi proactively confirmed a data breach to warn investors about the possibility of phishing attacks.<\/p>\n

\n

Regarding recent third-party data incident: pic.twitter.com\/50z7IrQ1za<\/a><\/p>\n

\u2014 BlockFi (@BlockFi) March 19, 2022<\/a><\/p><\/blockquote>\n

As Cointelegraph reported, hackers gained access to BlockFi\u2019s client data that was hosted on Hubspot, a client relationship management platform. According to BlockFi:<\/p>\n

\u201cHubspot has confirmed that an unauthorized third-party gained access to certain BlockFi client data housed on their platform.\u201d<\/p><\/blockquote>\n

While specifics on the breached data are yet to be identified and revealed, BlockFi reassured users by highlighting that personal data \u2014 including passwords, government-issued IDs and social security numbers \u2014 \u201cwere never stored on Hubspot.\u201d<\/p>\n<\/div>\n