Trezor Newsletter Compromised by Mailchimp “Insider”

  • The newsletter of hardware wallet maker Trezor has been compromised
  • The security of newsletter partner Mailchimp was breached by “an insider” and a phishing email was sent out
  • The hack is reminiscent of the impact of the Ledger hacks

Hardware cryptocurrency wallet maker Trezor has revealed that a security breach within its newsletter partner, Mailchimp, has led to recipients being targeted with phishing emails. Trezor alerted the crypto world to a possible breach yesterday morning, confirming it shortly afterwards and advising newsletter subscribers not to open any emails purportedly from the wallet maker. Mailchimp has not publicly confirmed the breach, but Trezor has said that the company put the breach down to “an insider targeting crypto companies”.

Newsletter Recipients Ring Alarm Bells

Trezor seemingly became aware that something was wrong when newsletter recipients started posting on Twitter that they were receiving suspicious emails purportedly from the company.

In the wake of this, Trezor announced that it was investigating the concerns and advised newsletter subscribers to “not open any email originating from [email protected]”, which it had already confirmed was a phishing domain, showing that the newsletter had indeed been compromised.

Shortly after, Trezor confirmed that Mailchimp had suffered a security breach, leading to email addresses of its newsletter recipients being accessed.

Trezor Breach Has No Known Victims

There have been no confirmed reports of anyone losing funds to the attack, but the fact that Trezor said the breach was down to “an insider targeting crypto companies” who wasn’t even part of their organization shows the lengths to which individuals are going to try to hoodwink crypto users.

The Trezor newsletter breach brings back memories of the Ledger breaches of 2020, which saw the personal details of 292,000 customers stolen, as well as millions of email addresses, resulting in a plethora of phishing emails, texts, and calls to affected users.