TrueUSD client data exposed in security breach linked to third-party vendor
The post TrueUSD client data exposed in security breach linked to third-party vendor appeared on BitcoinEthereumNews.com. Stablecoin issuer TrueUSD fell victim to a large-scale security breach. The breach led to the exposure of a significant amount of personally identifiable information belonging to TrueUSD customers. The leaked data includes first and last names, email addresses, phone numbers, and even bank details. Consequently, clients who were onboarded between 2018 and 2019 face higher risks. TrueCoin, TrueUSD’s former banking and customer onboarding service provider, is at the center of this unsettling scenario, according to an email. The chain of events began on September 20, 2023, when TrueCoin received a notice from a third-party vendor. The vendor alerted them about “an anomalous account change” within the organization. Moreover, this irregular activity came from a compromised support vendor. Upon receiving this critical information, TrueCoin immediately engaged its cybersecurity and engineering teams to evaluate the extent of the breach. According to statements from TrueCoin, their internal systems remained intact. They took prompt action to halt any further unauthorized activities. TrueUSD urges customer vigilance amid data exposure Customers are advised to exercise extreme caution. TrueUSD issued a warning, asking its clients to monitor their personal accounts for any unusual activity closely. Additionally, they emphasized the need for clients to remain alert to potential phishing attacks. The company also encouraged clients to get in touch if they notice anything unusual. However, TrueUSD clarified that neither its own internal systems nor those of TrueCoin were directly compromised. The breach occurred at the level of a third-party vendor that TrueCoin uses for various services, including product management, customer onboarding, and user onboarding. What heightens the concern is that this third-party vendor could not provide any logs indicating whether the attacker downloaded, altered, or removed personal information from its systems. Hence, the full extent of the breach remains unclear. Significantly, the breach comes at a time when…
The post TrueUSD client data exposed in security breach linked to third-party vendor appeared on BitcoinEthereumNews.com.
Stablecoin issuer TrueUSD fell victim to a large-scale security breach. The breach led to the exposure of a significant amount of personally identifiable information belonging to TrueUSD customers. The leaked data includes first and last names, email addresses, phone numbers, and even bank details. Consequently, clients who were onboarded between 2018 and 2019 face higher risks. TrueCoin, TrueUSD’s former banking and customer onboarding service provider, is at the center of this unsettling scenario, according to an email. The chain of events began on September 20, 2023, when TrueCoin received a notice from a third-party vendor. The vendor alerted them about “an anomalous account change” within the organization. Moreover, this irregular activity came from a compromised support vendor. Upon receiving this critical information, TrueCoin immediately engaged its cybersecurity and engineering teams to evaluate the extent of the breach. According to statements from TrueCoin, their internal systems remained intact. They took prompt action to halt any further unauthorized activities. TrueUSD urges customer vigilance amid data exposure Customers are advised to exercise extreme caution. TrueUSD issued a warning, asking its clients to monitor their personal accounts for any unusual activity closely. Additionally, they emphasized the need for clients to remain alert to potential phishing attacks. The company also encouraged clients to get in touch if they notice anything unusual. However, TrueUSD clarified that neither its own internal systems nor those of TrueCoin were directly compromised. The breach occurred at the level of a third-party vendor that TrueCoin uses for various services, including product management, customer onboarding, and user onboarding. What heightens the concern is that this third-party vendor could not provide any logs indicating whether the attacker downloaded, altered, or removed personal information from its systems. Hence, the full extent of the breach remains unclear. Significantly, the breach comes at a time when…
What's Your Reaction?