en
Back to the list

Hacker Attempts to Sell Data Allegedly Tied to Ledger, Trezor, Bnktothefuture Customers

source-logo  news.bitcoin.com  + 4 more 25 May 2020 01:30, UTC

Hacker Attempts to Sell Data Allegedly Tied to Ledger, Trezor, Bnktothefuture Customers

According to an online monitoring web portal called, Under the Breach, a hacker is purportedly trying to sell customer information that stems from companies like Keepkey, Trezor, Ledger, and even the investment platform Bnktothefuture. The hacker doesn’t seem to have any passwords, but is offering detailed information that was stolen from a Shopify breach like email addresses, home addresses, and phone numbers.

The cybercrime resource known as Under the Breach has disclosed that customers who have purchased products using Shopify and purchased items from companies like Ledger, Trezor, Keepkey, and even Bnktothefuture may have had their identities leaked.

The hacker is said to be the same person that attacked the forum Ethereum.org and he claims to have a massive cache of customer information.

The Ethereum forum hacker is now selling the databases of @Trezor and @Ledger.

Both of which obtained from a @Shopify exploit.
(suggesting there are many more underground leaks).

The hacker also claims he has the full SQL database of famous investing site @BankToTheFuture. pic.twitter.com/4M3f2bQKvB

— Under the Breach (@underthebreach) May 24, 2020

Under the Breach documents show that the hacker has three large databases with information pertaining to an alleged 80,000 customers. This includes the customer’s email address, name, phone number, residential address, and other pieces of data.

The databases from Shopify are allegedly tied to Ledger, Trezor, and Keepkey. However, on May 24, 2020, the firm Ledger addressed the Shopify discussion and called it a “rumor.”

“Rumors pretend our Shopify database has been hacked through a Shopify exploit,” Ledger tweeted. “Our ecommerce team is currently checking these allegations by analyzing the so-called hacked DB, and so far it doesn’t match our real [database] DB. We continue investigations and are taking the matter seriously.”

The company that manufactures Trezor hardware wallets has also denied the situation. Trezor’s official Twitter account stated:

There are rumors spreading that our eshop database has been hacked through a Shopify exploit. Our eshop does not use Shopify, but we are nonetheless investigating the situation. We’ve been also routinely purging old customer records from the database to minimize the possible impact.

The information provided by Under the Breach shows that there are no passwords available and only identity information per request. Allegedly, the hacker also breached the Bnktothefuture SQL database and scooped up identity information from that investment platform as well.

The hacker has a number of dubious claims and supposedly has the databases for close to 20 crypto exchanges worldwide. No one can confirm whether or not the hacker really does have these databases, and so far it seems to be merely hearsay. The individual also has told the public he hacked two digital currency tax companies and is planning to sell that data as well.

news.bitcoin.com

Similar news (4)
Add similar news