As reported by BTC PEERS, over 270,000 phone numbers and physical addresses were leaked following a security breach on the hardware wallet, Ledger. The attackers also published 1 million emails on Raidforms.
Unfortunately, the inevitable wave of attacks on leaked emails and phone numbers has begun. Even sadder is the fact that Ledger is not offering any form of assistance or reimbursements to the rising number of affected users.
Particularly, scammers are phishing affected emails. According to a tweet from Ivan on Tech, scammers are pretending to be from the company all in a bid to get affected users to click malicious links. Several other users corroborated his story.
Beyond phishing attacks, SIM swapping has also become one of the present dangers. Some users have already reportedly been targeted. In a SIM swapping attack, a malicious actor contacts your mobile service provider and tries to convince them to activate a new SIM linked to your existing phone number. This gives the hacker access to your 2FA security.
Since physical addresses are also out there, the worst-case scenario is victims being attacked at their homes. In 2017, co-founder of Casa HODL, Jameson Lopp was attacked by crypto fans at his home. So, this won’t be the first time something like this is happening.
After assuring users that it had taken the necessary steps to protect them, Ledger has been quite irresponsible about the incident. The company appears to be more interested in staying alive than in helping affected users. Ledger CEO Pascal Gauthier told Decrypt that affected customers would not be reimbursed. However, the company is quickly losing its credibility.
When you have a data breach of this magnitude for such a small company, we won’t reimburse for a million users, all the devices, that’s just not possible. It would just kill the company.