Trust Wallet Plays Down Impact of Phishing Attack

Reading Time: 2 minutes
  • Trust Wallet has confirmed a recent data breach in its third-party customer support service, assuring users that no compromising data affecting their funds was taken
  • Only names/nicknames and email addresses were accessed, with user assets remaining secure.
  • Users are advised to stay vigilant for potential spam messages mentioning Trust Wallet.

Trust Wallet has revealed that it was the victim of a data breach this month but has reassured users that no data was taken that could compromise their funds. The company tweeted that its “third-party customer support service” experienced a security breach, but that “assets remain secure” and that only names/nicknames and email addresses were taken. Trust Wallet users should therefore be on the alert for an increase in spam messages including references to Trust Wallet.

Funds are Secure

Trust Wallet revealed on January 29 that it had identified a security flaw within its customer support system exposing users’ names/nicknames and email addresses in support tickets. The compromise was found through a routine security check, with the company learning that a phishing attack on an employee was responsible:

In the X post, Trust Wallet noted that all assets, passwords, and private keys remain secure as the hackers only had access to the third party’s data, and even then the content of the tickets wasn’t revealed. The company added that “upon discovering the issue, we proactively contacted the third-party provider to jointly investigate and ensure our public announcement was precise and informed.”

This incident highlights a growing trend in crypto-phishing, as evidenced by recent attacks on hardware wallet Trezor and platforms like Coingecko and De.Fi. As a result of the breach, Trust Wallet customers should be aware of any emails concerning Trust Wallet that come through to the affected email addresses.