Trezor support site breach exposes personal data of 66,000 customers

Trezor issued a security alert after identifying a data breach that occurred on January 17 due to unauthorized access to their third-party support ticketing portal.

The popular hardware cryptocurrency wallet vendor says that the investigation on the incident is ongoing but it found no evidence so far that users' digital assets were compromised in the incident.

"We want to stress that none of our users' funds have been compromised through this incident," reads the announcement. "Your Trezor device remains as secure today, as it was yesterday," the company added.

However, a subset of 66,000 users who have interacted with Trezor Support since December 2021 may have had their names or usernames, and email addresses exposed to an unauthorized party.

Postal addresses, phone numbers, and other personally identifiable information were also stored on the breached system but Trezor does not believe these were impacted.

Unfortunately, Trezor has already confirmed 41 cases where exposed data has been exploited, with the attackers approaching users to trick them into giving away their recovery seeds - a string of words that contain all the information required for gaining access to a wallet.

Specifically, the attackers email Trezor users with a message that seems like an "automated reply" from support, requesting them to disclose the 24-word phrase they used for setting up their Trezor wallets.

The phishing message assures the recipient that the seed information is required only for firmware validation and won't be "accessible by humans."

Phishing message (Trezor)