A data breach that occurred on June 25th on the Ledger Wallet’s e-commerce system got one million of its customer’s personal emails stolen. 

It was on July 14th that a researcher informed Ledger of an exploit found online, exposing customer purchasing data. The company began an investigation into the hack but wasn’t initially able to locate any of the whereabouts of the data. 

Today, it seems this information has been dumped for free on the Raidforums marketplace. In addition to leaked email address, the dump also includes roughly 9,500 other customers’ addresses, phone numbers, and names. 

Data Leak Leads to Phishing Scams

The consequences of this hack were detrimental as people reported getting phishing emails and a few even claimed to have money stolen from their crypto wallets. 

Podcaster and bitcoin enthusiast, Brad Mills tweeted that someone he knows lost $50k to a phishing scheme—a result of the leaked Ledger data. Mills tagged Ledger telling them to warn customers of scam emails asking for customers’ recovery phrase. 

Ledger’s Response to the Dump

Ledger handled the situation as best they could, responding to the phishing attempts in a public statement. The statement included in bold that “Ledger will never ask you for the 24 words of your recovery phrase.”

An official apology was also tweeted after the dump was discovered. They also ensured their customers that they are working to make Ledger more secure for the future. 

LEAVE A REPLY

Please enter your comment!
Please enter your name here