The team behind the stablecoin TrueUSD (TUSD) has disclosed a security breach involving one of TrueCoin's third-party vendors, which may have exposed certain customer data, including know-your-customer (KYC) and transaction history information.
TrueCoin, the operator of the TUSD stablecoin until July 13, 2023, received notification from its third-party vendor's security team on October 16, indicating unusual account changes made by a compromised support vendor within the TrueCoin organization. This has raised concerns that some of the existing customer data associated with TUSD may have been compromised.
Crucially, the breach did not impact TrueCoin's internal systems, as it was a targeted incident involving a third-party vendor. TrueUSD confirmed the security of its system, assuring users that neither the TUSD system nor the TUSD reserve were affected by the attack.
The extent of the impact remains unclear, as the specific amount of user data compromised was not disclosed in the announcement. Data collected from such breaches, which often includes names, email addresses, and phone numbers, is typically exploited in phishing attacks by cybercriminals who impersonate various cryptocurrency services, enticing unsuspecting investors with promises of high returns.
The breach incident comes after TrueUSD distanced itself from Prime Trust, a Nevada-based entity that abruptly halted all fiat and cryptocurrency deposits and withdrawals. TrueUSD clarified its independence from the situation, underlining its diverse partnerships and maintenance of multiple U.S. dollar tracks to ensure the security and integrity of users' funds.
