Security News > 2022 > April > Fake Trezor data breach emails used to steal cryptocurrency wallets
A compromised Trezor hardware wallet mailing list was used to send fake data breach notifications to steal cryptocurrency wallets and the assets stored within them.
Trezor is a hardware cryptocurrency wallet that allows you to store your crypto assets offline, rather than using cloud-based wallets or wallets stored on your PC that are more vulnerable to theft.
Starting today, Trezor hardware wallet owners began receiving data breach notifications prompting recipients to download a fake Trezor Suite software that would steal their recovery seeds.
The phishing attack started with the Trezor hardware wallet owners receiving fake security incident emails claiming to be a data breach notification.
"We regret to inform you that Trezor has experienced a security incident involving data belonging to 106,856 of our customers, and that the wallet associated with your e-email address [email here] is within those affected by the breach.," reads fake Trezor data breach phishing email.
These fake data breach emails say that the company does not know the extent of the breach and that owners should download the latest Trezor Suite to set up a new PIN on their hardware wallet.
News URL
Related news
- New fake Ledger data breach emails try to steal crypto wallets (source)
- Free, France’s second largest ISP, confirms data breach after leak (source)
- Interbank confirms data breach following failed extortion, data leak (source)
- How to Effectively Manage a Data Breach (source)
- Amazon confirms employee data breach after vendor hack (source)
- HIBP notifies 57 million people of Hot Topic data breach (source)
- US space tech giant Maxar discloses employee data breach (source)
- Fintech giant Finastra investigates data breach after SFTP hack (source)
- Bologna FC confirms data breach after RansomHub ransomware attack (source)
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)