A prominent cryptocurrency company recently faced a major security breach that left its employees unable to access corporate productivity apps for four days. Unicoin, the official cryptocurrency of the reality TV show Unicorn Hunters, experienced a significant security incident when an unknown threat actor gained access to its Google G-Suite account.
According to a Form 8-K SEC filing, Unicoin discovered the breach on August 9, when the threat actor changed the passwords of all users with @unicoin.com email addresses, effectively locking them out of their accounts. It wasn’t until August 13 that the company was able to regain control of the G-Suite accounts and restore access to its internal users. Unicoin is currently investigating the extent of the breach and the information that was accessed.
In a surprising turn of events, a contractor was terminated after traces of identity forgery were linked to them. Additionally, discrepancies were found in the personal data of employees and contractors in Unicoin’s accounting department, and hacked messages and email accounts of specific managers were discovered.
Despite these alarming findings, Unicoin stated that the breach has not had a material impact on its finances or operations, with no monetary loss of coins reported. However, the investigation is still ongoing, and the full extent of the breach is yet to be determined.
It remains unclear whether the fired contractor was directly involved in the security breach. Recent warnings from a blockchain analysis company have highlighted the growing threat of sophisticated social engineering tactics used by threat actors, including thousands of North Korean operatives, to target cryptocurrency firms and steal funds.
As companies in the cryptocurrency space continue to be targeted by cyber threats, it is crucial for organizations to prioritize cybersecurity measures and remain vigilant against potential attacks. The incident at Unicoin serves as a stark reminder of the importance of robust security protocols and ongoing monitoring to safeguard sensitive information and assets in the digital landscape.