A prominent cryptocurrency company has recently disclosed that their employees were unable to access their corporate productivity apps for four days due to a security breach. Unicoin, the official cryptocurrency of the reality TV show Unicorn Hunters, reported in a Form 8-K SEC filing that on August 9, an unknown threat actor gained access to their Google G-Suite account.
The threat actor changed the passwords of all users with an @unicoin.com email address, effectively denying access to essential tools such as G-Mail and G-Drive. It wasn’t until August 13 that the company was able to remove the threat actor’s access and restore functionality to its users. Unicoin is currently investigating the extent of the breach and the information that may have been accessed.
In a surprising turn of events, Unicoin also revealed that a contractor had been terminated after traces of identity forgery were linked to them. Further discrepancies were discovered during a personal check of corporate users, particularly in the accounting department. Hacked messages and email accounts of specific managers were also uncovered during the investigation.
Despite the security incident, Unicoin stated that there has been no material impact on their finances or operations. No monetary loss of coins has been reported, although the findings are still preliminary. It remains unclear whether the fired contractor was involved in the breach.
Recent warnings from blockchain analysis companies suggest that threat actors, including thousands of North Korean operatives, are employing sophisticated social engineering tactics to target crypto firms. This includes applying for IT positions to gain access to sensitive information and funds.
As Unicoin continues to address the aftermath of the security breach, the cryptocurrency industry as a whole remains vigilant against such cyber threats. It serves as a reminder of the importance of robust security measures and ongoing monitoring to safeguard digital assets in an increasingly volatile landscape.