- Ledger has recently outlined a data breach that it suffered in late June.
- The attack targeted Ledger’s marketing and e-commerce database.
- The firm has clarified that payment information and cryptocurrency funds were unaffected.
Ledger, the world’s largest hardware wallet firm, recently said that it suffered a data breach of its marketing and e-commerce database in late June. The company noted that though contact information of customers was exposed, payment information, passwords and cryptocurrency funds were unaffected. In a recent blog post, Ledger noted that it has notified the affected customers about the breach via email.
The company added that since the attack targeted the marketing and e-commerce database, the fraudster(s) behind it could not access users' recovery phrases or private keys. Nevertheless, the emails of approximately one million customers were compromised. Ledger said:
Solely contact and order details were involved. This is mostly the email address of approximately 1mln of our customers. Further to investigation, we have also been able to establish that a subset of them were also exposed: first and last name, postal address phone number and product(s) ordered.
Ledger reassured its customers that their cryptocurrency assets are safe. The firm urged the users to be careful and reminded them that it would never ask for users' recovery phrases. The firm has filed a report with France's Data Protection Authority and has partnered with Orange Cyberdefense (OCD) to estimate the potential damages.