On November 12, 2021, some users of unbanked received an email pretending to be from the unbanked team. A user in this telegram claimed that the email he had used for Unbanked for unique and unused elsewhere, so I think it is fair to say that a data breach occurred at Unbanked itself.
Fortunately, soon after, Unbanked released a notice warning its users about said phishing attempt:
Additionally, a screenshot shared by a user in Telegram indicates that data breach might have happened sooner. It seems that in addition to email, phone number and name information was also breached.
However, the aftermath of the breach is still unclear. I don’t think Unbanked card data was hacked (because otherwise we would have seen a data point at this point).
Closing Thoughts
It wasn’t long ago when Coinbase had a data breach which also included fraudulent charges in Coinbase card. Fortunately, Coinbase allows you to lock/unlock card at a click of a button. Unfortunately, Unbaked, to this day does not provide such trivial on/off button.
