Trezon, a hardware cryptocurrency wallet, was targeted in a phishing attack through emails as they were sent through one of their opt-in newsletters hosted at MailChimp.
A compromised Trezor hardware wallet mailing list was used to send fake data breach notifications to steal cryptocurrency wallets and the assets stored within them.
Trezor hardware wallet owners began receiving data breach notifications prompting recipients to download a fake Trezor Suite software that would steal their recovery seeds.
However, MailChimp confirmed that their service was compromised by an "insider" targeting cryptocurrency companies.
"id": "TRE03728522",
"linkid": "trezor",
"type": "Breach",
"date": "04/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"