TrueUSD stablecoin issuer reports data breach of third party, customer data exposed

Stablecoin issuer TrueUSD has reported a significant security breach involving a former major service provider, TrueCoin, and a third-party vendor that led to the compromise of substantial user data.

Exposed data includes:

• names,
• email addresses,
• phone numbers,
• client addresses,
• birth dates,
• bank names,
• transaction histories,
• public blockchain wallet addresses

Affected individuals are clients who joined between 2018 and 2019.
No details were provided about the nature of the breach or the number of affected individuals.

TrueCoin alerted TrueUSD to the breach after the vendor detected "an anomalous account change" within their organization. TrueUSD clarified that neither its internal systems nor TrueCoin's systems were compromised. Despite the breach, TrueUSD emphasized that its systems and reserves backing the stablecoin remain secure.

The security breach has raised concerns as it highlights the risks associated with collecting user information for compliance with KYC/AML regulations. TrueUSD urged clients to remain vigilant for potential phishing attacks or fraud attempts that may exploit the stolen data.