TrueUSD’s Client Data Exposed in Third-Party Security Breach
We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Ad Disclosure
We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. Read more
Stablecoin issuer TrueUSD recently fell victim to a third-party security breach that led to the exposure of personally identifiable information of some of its clients.
According to screenshots posted on X of an email allegedly sent by TrueUSD to customers, the breach affected clients who were onboarded between 2018 and 2019 and included personal details such as customers’ first and last names, email addresses, and phone numbers.
Additionally, the breach exposed sensitive information, including client mail addresses, dates of birth, bank names, transaction histories, and blockchain wallet public addresses.
The breach was attributed to TrueCoin, a former service provider for TrueUSD, responsible for banking, customer onboarding, and product management.
TrueCoin informed TrueUSD about the breach after a third-party vendor discovered an “anomalous account change” within TrueCoin’s organization, indicating the compromise of a support vendor, TrueUSD said in an X thread on Monday.
Notably, the thread stated that TrueCoin had no records of the attacker downloading, altering, or removing any personal information from its own systems.
“As TrueCoin was engaged as TUSD operator until 13 Jul 2023, they hold certain [know-your-customer] and transaction history data of TUSD users, and part of the data was potentially exposed to the attacker during the attack suffered by TrueCoin’s third-party vendor,” the team added.
TrueCoin’s own internal systems were not compromised.
— TrueUSD (@tusdio) October 16, 2023
TrueCoin response
According to the screenshots of the TrueUSD email, TrueCoin’s cybersecurity and engineering teams immediately initiated an investigation to assess the extent of the breach.
The email added that the team took “swift action” to prevent unauthorized access, and noted that TrueCoin’s internal systems remained uncompromised during the breach.
TrueUSD has recommended that clients remain cautious of potential phishing attacks and that they monitor their accounts for any suspicious activity.
TrueUSD users are encouraged to contact the stablecoin issuer if they detect unusual activity.
- Trump Appoints PayPal Veteran David Sacks as ‘White House AI and Crypto Czar’
- What’s Happening in Crypto Today? Daily Crypto News Digest
- President Trump Signs Executive Order Calling for US Sovereign Wealth Fund Creation
- Ohio Lawmaker Proposes Second Bill to Establish State Bitcoin Reserve
- Trump Tariffs Stir Crypto Sell-Off With Ether Tumbling Over 26%






