A major cryptocurrency company has admitted that a threat actor removed access to its employees’ corporate productivity apps for four days.
The official cryptocurrency of the reality television show Unicorn Hunters is Unicoin, which claims to be a “more stable alternative” to the majority of digital currencies.
On August 9, the company discovered in a Form 8-K SEC filing that an unidentified threat actor had gained access to its Google G-Suite account.
According to the filing, the individual changed the passwords of “all users of the company’s G-Suite products (i.e., G-Mail, G-Drive, and other related G-Suite functionality), thereby denying access to all users having a @unicoin.com email address.”
It added, “The Company was able to restore access to its internal users and remove the threat actor’s access to the G-Suite accounts on or about August 13, 2024.” The company is looking into the information that was accessed in order to figure out what the event did and how it will affect it. Additionally, the company continues to investigate the event’s scope.
Although Unicoin is still unsure of the circumstances, it revealed that a contractor had been terminated following the discovery of “traces of identity forgery” associated with them.
The regulatory filing also revealed the following additional information:
- During a “personal check” of all corporate users of internal services, “discrepancies” were found in the personal data of employees and/or contractors in Unicoin’s accounting department.
- There were traces of hacked messages and email accounts of specific managers. Despite the fact that the company’s findings are not yet conclusive, Unicoin asserted that the incident did not have a material impact on its finances or operations and that there was no monetary loss of coins.
It is not clear whether the security breach involved the fired contractor. Last week, a company that analyzes blockchains issued a warning that threat actors, including thousands of North Korean agents, are stealing funds by employing sophisticated social engineering techniques like applying for IT positions at crypto firms.
