TrueUSD (TUSD), a stablecoin, recently disclosed a potential data breach that could have exposed certain Know Your Customer (KYC) and transaction history data of its users. The breach was traced back to a third-party vendor associated with TrueCoin, the former operator of TUSD until July 13, 2023.

Isolated Third-Party Vendor Incident

On October 16, the security team of a third-party vendor alerted TrueCoin to an unusual account change within their organization, which they suspected was made by a compromised support vendor. It’s believed that this compromise may have led to the exposure of some TUSD customer data.

TUSD team was informed by TrueCoin that they received a third-party vendor’s notification that the vendor’s Security Team detected “an anomalous account change within [TrueCoin’s] organization made by a compromised support vendor.”

— TrueUSD (@tusdio) October 16, 2023

TrueCoin clarified that this incident had no impact on its internal systems and reserves. The security breach was confined solely to the third-party vendor. TrueUSD reaffirmed the security of its systems, assuring users that both the TUSD system and its reserves remained unaffected.

Potential Misuse of Stolen Data

Data obtained from such breaches, including names, email addresses, and phone numbers, is typically exploited for phishing attacks. In such schemes, attackers pose as various crypto services, enticing unsuspecting investors with promises of quick and substantial profits.

The full extent of the data breach and its implications are yet to be determined. The total number of users affected by the breach has not been disclosed in the initial announcement.

Response and Clarifications

As of the time of reporting, TrueUSD had not responded to inquiries from Cointelegraph seeking further information or clarifications regarding the incident.

Notably, TrueCoin distanced itself from Nevada-based Prime Trust following Prime Trust’s abrupt suspension of all fiat and cryptocurrency deposits and withdrawals. TrueUSD assured its community that it remained unaffected by this situation, emphasizing its diverse partnerships and the maintenance of multiple USD rails for minting and redemption. Users were reassured that their funds remained secure with TUSD despite the turmoil at Prime Trust.