Trezor warns of possible phishing attacks after data leak
Trezor, one of the leading providers of hardware wallets for cryptocurrencies, issued a security warning on 22 January 2024 after unauthorized access to their support ticket portal was detected. The portal is operated by a third-party provider and contains personal data of customers who have submitted support requests, such as names, e-mail addresses and telephone numbers.
Trezor emphasizes that the security of the hardware wallets themselves has not been compromised and that customers can keep their coins safe as long as they keep their recovery seeds and passphrases secret. However, there is a risk that the stolen data could be used for phishing attacks to trick customers into revealing their login details or installing fake firmware updates.
To protect themselves from such attacks, Trezor advises customers to take the following precautions:
- Always check the URL of the website you are visiting and make sure it starts with
- Do not click on links or attachments in suspicious e-mails or text messages purporting to be from Trezor. Trezor will never ask you for your recovery seed or passphrase or ask you to install a firmware that has not been verified by Trezor Wallet.
- Activate two-factor authentication (2FA) for your email account and other online services that you use with Trezor.
- Use a password manager to create and store strong and unique passwords for each website.
- Stay up to date with the latest security updates from Trezor and follow their official channels on Twitter, Facebook and Reddit.
Trezor apologizes for the inconvenience caused by the data leak and assures you that they are working with the third party provider to identify and resolve the cause of the incident. Remain vigilant and report suspicious activity to