BSV
$61.91
Vol 50.82m
-4.41%
BTC
$104531
Vol 95351.65m
-1.96%
BCH
$523.37
Vol 432.6m
-2.97%
LTC
$116.74
Vol 1838.17m
-8.6%
DOGE
$0.38
Vol 3751.56m
-2.82%
Getting your Trinity Audio player ready...

Mailchimp owner Intuit has been sued by the Trezor hardware digital currency wallet users for its role in a phishing campaign through which many lost their digital assets to scammers.

In a lawsuit filed in the Northern District of California, plaintiff Alan Levinson accused Intuit, the U.S. financial software giant that owns Mailchimp, an email marketing service that the scammers exploited, of “intentionally, willfully, recklessly, or negligently failing to take adequate and reasonable measures to ensure that its data systems were protected, failing to take available steps to prevent and stop the breach from ever happening, and failing to disclose the breach of personal information in a timely manner.”

Levinson believes that his personal information, and that of the other Trezor users who are members of his class-action lawsuit, was improperly handled and was not stored following applicable cybersecurity protocols.

The plaintiff, who is a resident of Illinois in the U.S., claims to have lost $82,000 while other members of the lawsuit cumulatively lost millions of dollars to the phishing campaign and wants actual and punitive damages from the Mountain View, California-based company.

As per the lawsuit, it all started when an employee of Rocket Science Group, an Intuit subsidiary that runs Mailchimp, clicked on a malicious link and granted the attackers access to the personal information of at least 100 Mailchimp users who were subscribed to the Trezor newsletter.

Armed with the emails, the attackers then engaged in a phishing campaign in which they lured the unsuspecting users to a fake Trezor website. On it, the users were directed to download a supposed new version of the Trezor desktop app, which turned out to be the attackers’ way in. They were able to get ahold of the users’ recovery phrase and made off with millions of dollars’ worth of digital assets.

Trezor acknowledged the data breach this month, telling users, “A scam email warning of a data breach is circulating. Do not open any email originating from [email protected], it is a phishing domain.”

Mailchimp also admitted that it had been breached, although it generalized the damage and claimed that the attacker was after digital asset companies.

The lawsuit follows another similar one filed by users of Ledger, Trezor’s main rival in the hardware digital wallets market, who sued Shopify for its role in a similar exploit. As CoinGeek reported, the lawsuit accused Shopify of “failure to exercise reasonable care in securing and safeguarding consumer information in connection with a massive 2020 data breach impacting Ledger.”

Follow CoinGeek’s Crypto Crime Cartel series, which delves into the stream of groups—a from BitMEX to BinanceBitcoin.comBlockstreamShapeShiftCoinbaseRippleEthereumFTX and Tether—who have co-opted the digital asset revolution and turned the industry into a minefield for naïve (and even experienced) players in the market.

Recommended for you

El Salvador softens BTC stance as economic reality bites
Nayib Bukele’s government has agreed to walk back its pro-BTC stance to secure a $1.3 billion IMF loan, saying that...
December 18, 2024
Ripple launches stablecoin; Tether invests in EU lifeboats
Ripple says choosing NYDFS for its newly minted RLUSD will help increase the token's acceptance. Elsewhere, Tether continues to look...
December 18, 2024
Advertisement
Advertisement
Advertisement