cryptobriefing.com
Key Takeaways
- Ledger, a well-known hardware wallet manufacturer, has been impacted by a third-party data breach involving their payment processor, Global-E.
- The breach has potentially exposed customer names and contact information, compromising the privacy of Ledger users.
Ledger said Monday that a breach at its payment partner Global-e may have exposed some customer order information. The team stressed that the incident did not affect Ledger devices, wallets, or recovery phrases.
The announcement came shortly after customers reported receiving an email from Global-e disclosing unusual activity in its cloud systems that led to unauthorized access to some personal information. Blockchain sleuth ZachXBT first alerted users to the incident via his Telegram channel.
Ledger said the unauthorized access occurred in a Global-e cloud system used to process orders on Ledger.com and other brands. Global-e stated that exposed data may include names, addresses, emails, phone numbers, and order details, but not payment information.
Ledger stressed the breach did not affect its own infrastructure, and Global-e has no access to recovery phrases, wallet balances, or other sensitive data.
Security experts are urging customers to be cautious about unexpected emails, text messages, or support requests that reference Ledger, and to avoid clicking links or sharing recovery phrases under any circumstances.