Trezor Data Hacker Resurfaces to Capitalize on Bitcoin Boom

Enticed by booming Bitcoin prices, the Trezor hacker resurfaces on the dark web to peddle customer information for BTC.

Man with shopping bags walking out of a huge safe through the side door.
Created by Gabor Kovacs from DailyCoin
Update March 14 08:00 UTC: This article has been updated to include an official response provided by Trezor to DailyCoin. 
  • Trezor customer data was breached in January.
  • The hacker has resurfaced, demanding Bitcoin for customer data.
  • Crypto investor contact information is valuable. 

Trezor disclosed a data breach in January involving the unauthorized access of customer data via its support ticketing system, leading to the loss of names, usernames, and email addresses. The company assured its customers that their crypto assets remain safe but to stay vigilant against potential phishing attempts.

Fast forward to now, with Bitcoin running red hot, the perpetrator responsible for the January data breach has reemerged, seeking to exploit the surging BTC value by peddling Trezor customer information on the dark web. 

Trezor Hacker Wants Bitcoin

The Daily Dark Web outlet reported that a database purporting to contain 66,000 email addresses from Trezor customers is being advertised for sale on the dark web. The asking price is set at 1.5 BTC, which equates to approximately $110k at the time of writing. 


This data cache aligns with Trezor’s January disclosure that a breach had impacted approximately 66,000 users. DailyCoin reached out to Trezor seeking further comments about this latest development. A Trezor spokesperson told DailyCoin that the company could not confirm or deny the authenticity of the data being sold. The spokesperson issued a further assurance to users:

“Our users are safe unless they share their recovery seed. Under no circumstance will any Trezor representative seek recovery seed, over email, customer support, website, or any form of communication,” stated the Trezor spokesperson.

The contact information of cryptocurrency investors presents an enticing opportunity for scammers and hackers. Email addresses can be leveraged as entry points for more expansive hacking attempts, such as uncovering passwords or accessing verification codes. Bad actors may also use the data for phishing campaigns to trick users into divulging wallet passphrases. Trezor insisted that hardware wallets remain a key component of crypto security, and underscored the importance of personal vigilance.

A hardware wallet is still the safest way to store cryptocurrencies. Unfortunately, phishing attacks have become pervasive, extending into our everyday lives, not just in crypto. The most effective defense against them is maintaining constant vigilance and fostering widespread security education,” added the Trezor spokesperson.


The value of crypto customer data became evident during the 2020 Ledger hack, which exposed the contact details of approximately 270,000 Ledger customers.

Dented Confidence in Hardware Wallets 

The data breach affecting Trezor customers echoes the high-profile 2020 Ledger hack, where contact details for over 270,000 Ledger customers were stolen and leaked freely online. However, that incident took an even more sinister turn, with some affected users receiving ransom demands and threats of physical violence as a result of the data breach.

More recently, in December 2023, Ledger suffered another major security incident after a former employee was compromised through a phishing attack. The incident enabled the hacker to inject malicious code and breach multiple Ethereum DeFi protocols like SushiSwap and Balancer by redirecting user funds to the hacker’s wallet.

These events underscore the high-stakes security challenges facing hardware wallet manufacturers and the risks associated with cryptocurrency investing.

On the Flipside

  • Bitcoin has increased 70% since the January Trezor data breach.
  • Hardware wallet data breaches highlight centralization risk.
  • Trezor stated it received no jump in reported phishing incidents after the January data breach.

Why This Matters

The recirculation of Trezor’s customer data is a sobering reminder that security lapses can have severe, long-lasting ramifications. Beyond the immediate financial risks to impacted users, such breaches erode confidence in the responsible party while keeping no-coiners sidelined for fear of getting hacked.

Cool wallets are the latest crypto wallet innovation. Read more about them here:

Introducing Cool Wallets: Where Hot and Cold Crypto Wallets Converge

Read about the suspicious absence of retail investors as Bitcoin rallies hard here:

Bitcoin Hit New Heights. Where’s the Retail Excitement?

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Samuel Wan

Samuel Wan is a finance professional turned crypto journalist, known for his insightful reporting on market trends, regulatory changes, and technological developments within the digital asset industry. His ability to simplify complex concepts and report the facts has made him a trusted source in the crypto community. Beyond his writing, Samuel is an active mountain biker and gamer.