Trezor, a prominent hardware wallet company, recently experienced a security breach involving unauthorized access to the platform of one of its third-party service providers. Although no funds were lost, the incident has put 66,000 customers at risk of phishing attacks.

The breach, identified on January 17, 2024, involved unauthorized access to Trezor’s third-party support ticketing portal. The company promptly revoked the intruder’s access and initiated an internal audit, discovering the potential compromise of customer details such as email addresses and names/nicknames.

While only customers who interacted with Trezor’s support team since December 2021 are affected, the company has taken swift action. Affected users have been notified, and those who were targeted by the bad actors have been alerted to ensure no recovery seed phrase was disclosed.

Furthermore, Trezor has reached out to individuals who signed up on their compromised third-party platform, ensuring they are aware of the potential access to their contact details.

It is reassuring that no user funds were lost as a result of the security incident. However, there remains a heightened risk of phishing attacks targeting recovery phrases. As a precautionary measure, Trezor advises users to never disclose their recovery phrase to third parties and to always contact their support team regarding wallet-related issues.

The incident underscores the ongoing threat of phishing attacks in the crypto ecosystem. With blockchain security firm Scam Sniffer reporting that 324,000 individuals lost approximately $300 million to phishing scams in 2023, it is crucial for users to remain vigilant and for companies to continuously develop effective security measures.

Disclaimer: The information provided in this research report is for informational purposes only and should not be interpreted as financial or investment advice. The NFT and cryptocurrency market is highly volatile, and readers should conduct thorough research before making any investment decisions.