TrueUSD, a stablecoin issuer supported by Justin Sun and Binance, has recently been hit by a significant third-party security breach. The breach led to the exposure of personally identifiable information (PII) of some of its clients.
The exposed information includes the first and last names of customers, their email addresses, and phone numbers. This data pertains to customers who were onboarded between 2018 and 2019. In addition, client addresses, dates of birth, bank names, transaction histories, and blockchain account public addresses were also exposed.
Customers advised to be alert for suspicious activities
The breach involved TrueUSD’s former banking, customer onboarding, and product management service provider, TrueCoin. On September 20, 2023, a third-party vendor notified TrueCoin about an anomalous account change within TrueCoin’s organization made by a compromised support.
TrueCoin stated that it has no logs of the attacker downloading, altering, or removing personally identifiable information from its systems. However, TrueUSD has advised customers to monitor their accounts for any suspicious activity and to beware of phishing attacks.
This incident underscores the importance of robust security measures in the cryptocurrency industry. It also highlights the potential risks associated with the storage and management of personal data in this rapidly evolving sector. Despite the breach, TrueUSD continues to operate and is taking steps to address the situation and prevent future incidents.