More than 40,000 Trezor customers affected by phishing attack

Hardware wallet maker Trezor has disclosed a security vulnerability in its third-party security system.

According to the company, at least 41,000 Trezor customers received emails with a phishing link. The email provided a passphrase form that users had to fill out to regain access to their wallet.

According to the team, the incident did not result in any digital assets being stolen. No users were injured. Representatives noted that the company sent out warning messages within an hour of learning about the incident.

«We believe it is our responsibility to inform our affected users that their contact information may have been exposed and is at risk of a phishing attack. As a precautionary measure and in an effort to be transparent, we have sent emails to all 66,000 contacts, alerting them to the extent of the incident,» the statement said.

Currently, Trezor is investigating what happened to the third-party service where the vulnerability was discovered.

Last year, in early March, the developers warned users about a phishing scheme conducted by cybercriminals on behalf of the company. The attackers contacted victims by phone, SMS, and/or email, warning them of a security breach in their Trezor account.

Later in May, it turned out that fake versions ofTrezor hardware crypto walletswere put on sale. Experts noted that at least one victim lost 1.3 bitcoins (BTC) during the incident. And in June, Apple specialists removed the fake Trezor wallet program after it was discovered in the App Store.