A hacker compromised Unicoin's Google Workspace account, changed all employee passwords, and locked them out for four days, during which the attacker accessed sensitive company data. The company has since restored access and is assessing the full impact of the breach.
What happened
Unicoin, a cryptocurrency project, has been compromised by a hacker who changed the passwords of all employees, preventing them from accessing their corporate accounts. The hacker gained access to Unicoin's Google Workspace account on August 9, 2024, and altered passwords for all company employees, effectively locking them out of their corporate accounts, including Gmail and Drive.
This breach allowed the attacker to access confidential internal communications and data. The company restored access for its employees on August 13, 2024.
See also: Why do cyberattacks happen?
What was said
“On August 9, 2024, Unicoin Inc. detected an unknown threat actor had gained access to the Company’s Google G-Suite account and changed passwords of all users of the Company’s G-Suite products (i.e., G-Mail, G-Drive and other related G-Suite functionality), thereby denying access to all users having an “@unicoin.com” email address,” reads the SEC Form 8-K filing.
“On or about August 13, 2024, the company was able to remove the threat actor’s access to the G-Suite accounts and restore access to its internal users.”
Unicorn is assessing and mitigating the impact of the event. Furthermore, research into the extent of the breach remains ongoing. “As of the date of this Current Report, the Event has not had a material impact on the Company’s financial condition or results of operations. No traces of loss of any of the Company’s cash or crypto assets have been found.” At the moment, the Company cannot confirm whether or not the incident will significantly affect its financial state or operations. “Should the Company make a determination that the Event is material, such determination shall be included in a future report or in amendment to this Current Report,” the form says.
See also: HIPAA Compliant Email: The Definitive Guide
Why it matters
This attack on Unicoin demonstrates inherent vulnerabilities in cloud-based systems, particularly for industries where trust and security are a priority. The breach exposed sensitive data and disrupted operations and raised broader concerns about the adequacy of current cybersecurity measures in protecting against sophisticated threats. For individuals, this incident could lead to potential identity theft and a loss of confidence in digital security, while for industries, it serves as a reminder of the importance of robust cloud security and rapid incident response strategies.
Read also: A guide to HIPAA and cloud computing
FAQs
What is a cybersecurity breach?
A cybersecurity breach occurs when an unauthorized party gains access to a computer system, network, or digital environment, often leading to data theft, corruption, or loss of access to critical systems.
How do hackers typically gain access to company accounts?
Hackers may gain access through phishing attacks, exploiting vulnerabilities in software, weak or compromised passwords, or by obtaining unauthorized credentials through social engineering or data breaches.
How can companies prevent cybersecurity breaches?
To prevent breaches, companies should:
- Implement strong password policies and multi-factor authentication.
- Regularly update and patch software to close vulnerabilities.
- Conduct employee training on recognizing phishing attempts and other common attacks.
- Deploy firewalls, antivirus software, and other security tools.
- Perform regular security audits and risk assessments.
Subscribe to Paubox Weekly
Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.