Cryptocurrency firm Unicoin has disclosed a cyberattack that temporarily locked its employees out of critical Google services. The Unicoin cyberattack, which began on August 9, 2024, saw a hacker gain unauthorized access to Unicoin’s Google G-Suite account, affecting all employees with “@unicoin.com” email addresses.
According to a regulatory filing with the SEC, the attacker not only changed passwords but also caused considerable disruption by locking out employees from essential tools such as Gmail, Google Drive, and other G-Suite functionalities. This Unicoin data breach rendered the company’s internal communication and file-sharing systems inaccessible for nearly four days.
The Scope of the Unicoin Cyberattack
Unicoin’s regulatory documents reveal that the company regained control of its systems by August 13, 2024. However, the investigation into the cyberattack at Unicoin is still ongoing. The company reported traces of compromised messages and email accounts belonging to certain managers.
Additionally, discrepancies in the personal data of employees and contractors were noted within the company’s accounting department. One significant report during the investigation was the identity forgery of a contractor, whose position was promptly terminated. The filing also mentioned the presence of hacked messages and email accounts.
However, it has not yet been established whether these incidents are linked to broader issues, such as potential connections to North Korean hackers.
Impact on Company Operations
Despite the severity of the Unicoin data breach, the company has stated that, as of the current report, there is no evidence of stolen cash or crypto assets. Unicoin executives have emphasized that while the attack did not materially impact the company’s financial condition or operational results, the full implications of the breach are still under review.
The company has not yet determined whether the Unicoin cyberattack will have long-term financial repercussions. Unicoin’s regulatory filing also highlighted that the attack had not led to any immediate financial losses.
“No traces of loss of any of the Company’s cash or crypto assets have been found. The Company has not yet conclusively determined whether the incident is reasonably likely to materially impact the Company’s financial condition or results of operations or have any other material adverse effects. Should the Company make a determination that the Event is material, such determination shall be included in a future report or in amendment to this Current Report”, reads the filing.
Unicoin is one of the few cryptocurrency firms that regularly file reports with the SEC, reflecting its commitment to transparency. The company’s approach to regulation is notable in the crypto industry, where many firms operate with less oversight. With over $500 million worth of Unicoins sold and a portfolio that includes real estate and equity investments, the Unicoin cyberattack raises questions about cybersecurity practices within the crypto sector.