Open in app

Sign up

Sign in

Write

Sign up

Sign in

Trezor e-shop breach is a hoax

SatoshiLabs
Trezor Blog
Published in
2 min readMay 25, 2020

--

An unknown hacker listed supposedly leaked data of customers from the Trezor e-shop for bidding recently. We have thoroughly analyzed the data sample and we can confirm that it does not match our customer records from the e-shop. We can also assure our Trezor Wallet users, that their data has not been affected. We have evaluated the information as a hoax mainly due to the following facts:

  • The content and structure of the leaked data does not correspond to the data from the Trezor e-shop and looks fabricated.
  • Trezor has strong protocols on data protection that include anonymization of the e-shop data after a period of 90 days from the purchase.
  • Trezor e-shop is not and was historically not running on the Shopify platform, which was mentioned as a source of the leaked data.

How does the Trezor anonymization protocol work?

The Trezor e-shop collects solely the necessary data needed for the delivery of the product. This data is used for logistic purposes only. After collecting the data, we treat it as highly sensitive. We know that, in the bitcoin industry, data privacy is extremely important. After 90 days of placing your order, we remove all the sensitive data from our online systems. This minimizes the impact of potential breaches.

Pro tips for data privacy handling

Even though this information is a hoax, there is always something to learn from it. We treat your data with the utmost privacy. Ideally we would like not having your real personal information at all. But we understand your parcel has to be delivered somewhere, so here are some tips on how you can minimize the data leakage also on your side:

  • If possible order your goods using the address of the company you are working for and have it delivered there.
  • You can even tell your reception desk that you will be using a pseudonym.
  • If you can not have goods delivered to your office, consider using a P.O. box.
  • Always use a special purpose email in which you avoid your real name.
  • If you really need to share your phone number, share the work one preferably.
Updates
Trezor
Security

--

--

SatoshiLabs
Trezor Blog
Follow

Written by SatoshiLabs

12.2K Followers

Innovating since we founded the industry in 2013 with production of the first crypto hardware wallet, the Trezor One. Open-source, secure, community-driven.

Follow

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams