Leaked data of a million Ledger customers is further proof that centralized databases are prone to failure.
Share this article
Top hardware wallet Ledger revealed that a breach occurred in its customer information database, and email IDs for close to a million customers have been stolen. User funds are safe, but the risk of an extensive phishing attack is very high.
Vulnerability in Ledger’s Database
A bug bounty program helped Ledger discover that it’s marketing database had a vulnerability that put the personal information and purchases details of customers at risk. Ledger immediately patched the issue, but it was already too late.
The company noticed that somebody used an API to access this information on Jun. 24. The company has since sent a notice to customers whose information is at risk.
Email IDs for over a million customers were leaked. Sensitive information such as full names, phone numbers, and addresses were taken for a subset of 9,500 customers, according to Ledger.
In response to the situation, the company promises to tighten its internal security and is pushing for data security measures on e-commerce data on par with product data (wallet-related information).
Ledger notified the French Data Protection Authority and is actively monitoring evidence that helps them figure out whether the data is being sold on the internet.
Hardware wallets are the gold standard of cryptocurrency security for retail investors. The wallet provider noted that funds are not at risk as the hacker targeted customer information. However, this could result in a large scale phishing attack to coerce Ledger users into revealing their wallet recovery phrase and keys.
The company emphasizes that it will never ask users for recovery phrase and private key-related information.
Share this article
The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.
You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.
Ledger became the first hardware wallet integrated into DeversiFi, a decentralized exchange (DEX), marking Ledger’s move into the DeFi ecosystem. Ledger Enters the DeFi Arena Ledger, a leader in helping...