Data Breach

Ledger Data Breach

1.0M records exposed • June 2020

Ledger makes hardware wallets for crypto. Hackers stole their customer list and then sent phishing emails to a million people pretending to be Ledger, trying to steal their crypto.

What Happened

Ledger, the hardware wallet manufacturer, suffered a breach of their e-commerce database. The data was later leaked, leading to targeted phishing of crypto holders.

Attack method: E-commerce database breach

What Data Was Exposed

Email addresses, Names, Phone numbers, Mailing addresses

Is your business exposed?

What to Do If You're Affected

1.
Never enter recovery phrases anywhere
2.
Ignore all phishing claiming to be Ledger
3.
Only use official Ledger Live software

Lessons for Businesses

• Customer lists of crypto companies are valuable
• Physical addresses enable targeted attacks
• Hardware wallet companies must secure all data

Sources

https://www.ledger.com/blog/update-efforts-to-protect-your-data-and-prosecute-the-scammers

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required