Popular hardware wallet company, Ledger, has been become the latest victim of a security breach. Hackers gained entry into one of the company’s database. Over 270,000 physical addresses and phone numbers, as well as 1 million email addresses belonging to customers, have been published on hacker website Raidforms. As of press time, the intention of the hacker(s) has not been made known.
While acknowledging the breach, Ledger claimed that the data in question was stolen in June when Ledger’s e-commerce database was compromised. In a series of tweets, they said:
Today, we were alerted to the dump of the contents of a Ledger customer database on Raidforum. We are still confirming, but early signs tell us that this indeed could be the contents of our e-commerce database from June 2020.
But despite an earlier claim by the company that only 9,500 phone numbers, postal addresses, and purchase details were compromised during the hack, it is obvious that the actual volume of leaked data is a lot more than what Ledger reported. It is also possible that this is an entirely new hack.
Ledger went further to assure customers that it was working with law enforcement agencies to prosecute the hacker(s). According to them, over 170y phishing websites have been taken down since the original incident in June. However, the public is having none of these excuses. There has been a lot of backlash from the crypto community. One user (Alon Gal) stated:
Individuals who purchased a Ledger tend to have a high net worth in cryptocurrencies and will now be subject to both cyber harassments as well as physical harassments on a larger scale than experienced before.
Some users have even called for a boycott, while others are threatening legal action.