Crypto Wallet Ledger Loses 1M Email Addresses in Data Theft

www.coindesk.com 2020-07-29 09:30
Reading time: ~1 m

Ledger said customer details have been stolen in a data breach that may well have been exploited for over two months.

  • In a note to clients Wednesday, CEO Pascal Gauthier said the French hardware wallet provider fell victim to a large scale data breach from an unauthorized third party.
  • The hacker, whose identity remains unknown, gained access to Ledger's e-commerce and marketing database.
  • Customers affected include those who signed up to Ledger's newsletter or receive promotional material.
  • Information stolen included email addresses, with a smaller "subset" of 9,500 customers also having their full names, postal addresses, and phone numbers exposed.
  • In total, the company estimates around one million email addresses have been stolen.
  • Payment information, passwords, and cryptocurrency funds have not been affected.
  • The data breach was first detected as part of a bug bounty program on July 14; Ledger estimates the data may have been exposed from April until the end of June.
  • The wallet provider has now alerted the French authorities and is filing a complaint with the public prosecutor.
  • Ledger said they have not found customer information disseminated online nor have they received any ransom demands.

See also: Coincheck Customers Fall Victim to Data Breach After Domain Account Error