Trezor "security breach" email

I received the following email today. It is a scam.

Dear customer,

We regret to inform you that Trezor has experienced a security incident involving data belonging to 106,856 of our customers, and that the wallet associated with your e-mail address ([email redacted]) is within those affected by the breach.

Namely, on Saturday, April 2nd, 2022, our security team discovered that one of the Trezor Suite administrative servers had been accessed by an unauthorized malicious actor.

At this moment, it’s technically impossible to accurately assess the scope of the data breach. Due to these circumstances, if you’ve recently accessed your wallet using Trezor Suite, we must assume that your cryptocurrency assets are at risk of being stolen.

In the spirit of transparency, we wanted to make our customers aware of this incident before malicious actors could utilize this information to their detriment. We felt time was of the essence, and we are expediently working through our investigation.

If you’re receiving this e-mail, it’s because you’ve been affected by the breach. In order to protect your assets, please download the latest version of Trezor Suite and follow the instructions to set up a new PIN for your wallet.



From my angle. That happened! Check the email address that sent the email. I dont know if your hardware was connected and the breach happened that way? Do you use Wi-Fi when connecting your hardware?

Their website and all the legitimate email I have received come from This email came to me from trezor (dot) us.

I did not click on the link but it also looked wrong.

I don’t have a Trezor nor do I trust their product considering the lack of a secure element and other security issues.

I sent a message to Trezor support about this email. It is a scam. The link will send you to a site that appears to be legitimate where you are supposed to download an updated version of Trezor suite. The risk is if you download the fraudulent program and enter your seed words. As long as you don’t do that you are safe. Trezor uses open source software so I trust it more than ledger which does not. Also, Trezor responded within 12 hours of me contacting them, Ledger rarely gets back to you or solves problems. That is why I switched to Trezor after using Ledger for 4 years.

Update: It now appears the background to this was a data breach at Trezor’s mailing list provider. This email came from -

Details of the Mailchimp data breach

This email contains details of a data breach which compromised our mailing provider between February and April 2, 2022.

The attack saw Mailchimp employees being phished for privileged access to customer accounts, resulting in the theft of email addresses and in some cases names of subscribers and other data.

Below you will find specific data belonging to you which was stolen in the attack.
Data stolen in the attack

Your email address
Your IP address
An approximate location based on your internet provider

Please use this information to protect yourself and be wary of any incoming mail, as the targeted data is being used to send phishing emails to your inbox. Avoid clicking on any links in emails, and never ever enter your seed into a computer without your Trezor device telling you to do so.

This is the latest information we have, following a week of investigation and reluctant cooperation from Mailchimp’s senior security staff. You will find a timeline of events on Trezor blog, but we will not be providing any links here so this message does not get confused for a phishing attempt.

For inquiries, please contact our security team at

You will not receive any more emails from Trezor via Mailchimp. Given the broad scope of the attack, it is important that you remain on alert for phishing attacks coming from other sources, as hundreds of other brands and projects which have not yet been disclosed were also targeted.

1 Like

Thanks for keeping us up to date.

If it seems fishy, it’s best to take a step back. You don’t need to find all the details of everything. Do only what is required.