Trezor Warns of Phishing Campaign Following Potential Support Contact Leak
"On January 17, 2024, the third-party support ticketing portal we use encountered unauthorized access. Potentially impacted data are limited to user emails and names/nicknames that contacted our customer support team."
- "We are investigating a security incident that occurred on January 17th, 2024, where there was unauthorized access to the third-party support ticketing portal we use," the company disclosed on January 20.
"The security incident we’ve identified has implications for customers who have interacted with Trezor Support since December 2021. While this represents a small part of our entire user base, up to 66,000 contacts were present in the system during that time."
- "We are making every effort to work with the third-party service provider to comprehensively investigate the incident. However, our internal audit of the incident suggests potential access to contact details, limited to email and name/nickname."
"During our investigation, we were alerted to the fact that the individual contacted 41 of our users directly via email, requesting sensitive information related to their recovery seeds."
- "We have reviewed these interactions and alerted each of the contacted users within an hour of the incident. No recovery seed phrases have been disclosed."
- "Although unconfirmed, we consider it our responsibility to inform our affected users of the possibility of their contact details having been exposed, and at risk of a phishing attack. Acting out of an abundance of caution and a commitment to transparency, we have emailed all of the 66,000 contacts alerting them to the scope of the incident," the company said.
Hi, after 90 days we delete or anonymise all customer data related to a purchase on our Trezor Shop. In order to provide the best assistance to our customers, we retain the customer support data for a longer period of time.
— Trezor (@Trezor) January 20, 2024