Cryptocurrency wallet manufacturer Ledger is facing the consequences of a data leak on its website, which took place in June 2020. The company recently found that threat actors are posting the leaked data of millions of Ledger wallet customers on the dark web marketplace “Raidforums” for free. The data dump contains sensitive information, including email addresses, contact details, and residential addresses.
Data Breach Overview
Earlier, Ledger stated that an unauthorized third party accessed a portion of its e-commerce and marketing database via exploiting an Application Programming Interface (API) Key.
“Contact and order details were involved. This is mostly the email address of our customers, approximately 1M addresses. Further to investigating the situation we have also been able to establish that, for a subset of 9,500 customers were also exposed, such as first and last name, postal address, phone number or ordered products,” Ledger said in a statement.
Related Story: How to Safeguard Your Cryptocurrency Wallet
Breached Data on Dark Web
Following the data breach, most of Ledger’s customers received phishing emails and malicious messages tricking them into entering personal details. Hackers shared two files that contained the breached data. The first file “All Emails (Subscription).txt” holds the email addresses of 1,075,382 Ledger users, whereas the second file, “Ledger Orders (Buyers) only.txt,” includes sensitive data like names, mailing addresses, and phone numbers for 272,853 people.
Several cryptocurrency traders are reporting about the data dump on social media.
Leak is legit.
Over 1,000,000 email addresses
Over 250,000 physical addresses and phone numbershttps://t.co/hLoXv3BATk
— Jameson Lopp (@lopp) December 20, 2020
Today we were alerted to the dump of the contents of a Ledger customer database on Raidforum. We are still confirming, but early signs tell us that this indeed could be the contents of our e-commerce database from June, 2020.
— Ledger (@Ledger) December 20, 2020