A hacker compromised Unicoin's Google Workspace account, changed all employee passwords, and locked them out for four days, during which the attacker accessed sensitive company data. The company has since restored access and is assessing the full impact of the breach.
Unicoin, a cryptocurrency project, has been compromised by a hacker who changed the passwords of all employees, preventing them from accessing their corporate accounts. The hacker gained access to Unicoin's Google Workspace account on August 9, 2024, and altered passwords for all company employees, effectively locking them out of their corporate accounts, including Gmail and Drive.
This breach allowed the attacker to access confidential internal communications and data. The company restored access for its employees on August 13, 2024.
See also: Why do cyberattacks happen?
“On August 9, 2024, Unicoin Inc. detected an unknown threat actor had gained access to the Company’s Google G-Suite account and changed passwords of all users of the Company’s G-Suite products (i.e., G-Mail, G-Drive and other related G-Suite functionality), thereby denying access to all users having an “@unicoin.com” email address,” reads the SEC Form 8-K filing.
“On or about August 13, 2024, the company was able to remove the threat actor’s access to the G-Suite accounts and restore access to its internal users.”
Unicorn is assessing and mitigating the impact of the event. Furthermore, research into the extent of the breach remains ongoing. “As of the date of this Current Report, the Event has not had a material impact on the Company’s financial condition or results of operations. No traces of loss of any of the Company’s cash or crypto assets have been found.” At the moment, the Company cannot confirm whether or not the incident will significantly affect its financial state or operations. “Should the Company make a determination that the Event is material, such determination shall be included in a future report or in amendment to this Current Report,” the form says.
See also: HIPAA Compliant Email: The Definitive Guide
This attack on Unicoin demonstrates inherent vulnerabilities in cloud-based systems, particularly for industries where trust and security are a priority. The breach exposed sensitive data and disrupted operations and raised broader concerns about the adequacy of current cybersecurity measures in protecting against sophisticated threats. For individuals, this incident could lead to potential identity theft and a loss of confidence in digital security, while for industries, it serves as a reminder of the importance of robust cloud security and rapid incident response strategies.
Read also: A guide to HIPAA and cloud computing
A cybersecurity breach occurs when an unauthorized party gains access to a computer system, network, or digital environment, often leading to data theft, corruption, or loss of access to critical systems.
Hackers may gain access through phishing attacks, exploiting vulnerabilities in software, weak or compromised passwords, or by obtaining unauthorized credentials through social engineering or data breaches.
To prevent breaches, companies should: