Recently, hardware wallet manufacturer Ledger faced a lot of criticism over the e-commerce customer data breach that occurred last June. The data included the emails of one million Ledger wallet customers and thousands of customers had leaked additional information such as phone numbers and residential addresses. Reports now indicate that the hackers dumped the Ledger leak data on the sharing marketplace Raidforums for free.
Hackers Dump Ledger Wallet E-commerce Customer Data on Raid Forums
One of the most current conversations in the cryptocurrency space in the past 24 hours was the infamous Ledger wallet ecommerce customer data breach. According to the hardware wallet manufacturer’s own testimony, the ecommerce marketing database was breached on June 25, 2020. They found that the database was being exploited after a researcher tipped off the company on July 14, 2020, and they launched an internal investigation.
“Contact and order details were involved. This is usually the email address of our customers, about 1 million addresses, ”Ledger wrote at the time of discovery. “After examining the situation, we also found that for a subgroup of 9,500 customers were also exposed, such as first and last name, postal address, telephone number or products ordered.”
Last week news.Bitcoin.com reported about the Ledger leak situation as it comes back to haunt the company. A large number of people said they received phishing emails and some people reportedly lost money. Additionally, a number of Ledger customers whose phone numbers have been leaked have reported malicious text messages sent to their phones. To make matters worse, reports from December 20, 2020 show that the hackers have decided to dump all info on the Raidforums marketplace for free.
1% of Ledger customers in the recent leak have taken the trouble to secure their home address with a PO box or private mailbox.
A number of cryptocurrency advocates are reporting on the data dump on social media and a Pastebin file also goes around with the dump. “A hacker dumps the entire Ledger database on RAID forums for free,” one person tweeted. “Emails, phone numbers, and addresses. Prepare for a massive wave of spam and phishing,” he added. According to the Raidsforums post, the identity of 272,000 Ledger owners was added to the 1 million email addresses.
Hudson Rock’s Co-Founder and CTO, aka “Under the breachAlso reported about the data dump.
ALERT: Threat actor just dumped Ledger’s database, which has been circling for the past few months, ”he tweeted. “The database contains information such as emails, physical addresses, phone numbers and more information about 272,000 Ledger buyers and emails from 1,000,000 additional users. This leak persists [a] great risk to the people affected by it. “
The security expert added:
Individuals who bought a Ledger generally have a high net worth in cryptocurrencies and will now be more widely exposed to both cyberbullying and physical harassment than before. Other forum members don’t appreciate the leaker taking away their potential 6 digit revenue for this database.
Ledger responds, regretting the situation
Ledger’s official Twitter account also discussed the data dump on Sunday. “Today we were made aware of the dump of the contents of a Ledger customer database on Raidforums,” the company said. tweeted. “We still confirm, but early signs tell us that this could indeed be the content of our e-commerce database from June 2020.”
The hardware wallets manufacturing company also added:
To say that we sincerely regret this situation is a huge understatement. We take privacy very seriously. Avoiding situations like this is a top priority for our entire business, and we’ve learned valuable lessons from this situation that will make Ledger even safer.
Ledger says that since July, the company has been “working hard to make Ledger stronger for the future” and has also hired a new Chief Information Security Officer (CISO). The company says it is “further hardening” its systems and has thoroughly revised its data policy. “We’ve conducted penetration testing and forensic analysis with third-party security companies to test them and find any additional vulnerabilities in our e-commerce systems,” Ledger added on Sunday.
What do you think about the Ledger ecommerce database leak on Raid forums? Let us know what you think about this topic in the comments below.
Image Credits: Shutterstock, Pixabay, Wiki Commons, Raid Forums, Ledger Wallet,
Disclaimer: This article is for informational purposes only. It is not a direct offer or invitation to an offer to buy or sell, or a recommendation or endorsement of products, services, or companies. Bitcoin.com does not provide investment, tax, legal or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.