Ledger recently notified customers that their personal information was leaked following a security breach at Global-e, a third-party payment processor used for transactions on Ledger’s website. The company clarified that while customer contact details were accessed, Ledger’s own internal systems and hardware security remain uncompromised.
The hardware wallet manufacturer confirmed that the breach originated within the systems of Global-e, which serves as the merchant of record for purchases made on the official Ledger website. This means the hackers targeted the payment intermediary rather than the blockchain company directly. Ledger was quick to emphasize that its own network, software, and hardware products were not impacted by the incident, ensuring that user private keys and funds remain safe.
According to the company, the data accessed during the breach specifically pertained to individuals who used Global-e to complete their purchases. The exposed information includes names and contact details, which Ledger is now disclosing to affected users as a precautionary measure. By informing customers early, the company aims to help them stay vigilant against potential phishing attempts that often follow such data leaks.
GET 50% Discount for VPN/ANTIVIRUS SOFTWARE AT 911Cyber - CODE: bit5025
The incident was brought to wider public attention after blockchain investigator ZachXBT shared a copy of the notification email sent by Global-e. This alert served as a secondary warning to the cryptocurrency community, highlighting the risks associated with third-party service providers in the digital asset space. While Ledger’s core security infrastructure held firm, the leak demonstrates how peripheral services can still pose a risk to user privacy.
In its communication with security researchers, Ledger reiterated that the integrity of its self-custodial wallets is the top priority. The company maintains that the breach is strictly limited to the marketing and shipping data held by the payment processor. They are working to identify the full scope of the exposure while advising customers to be cautious of any unsolicited communications requesting sensitive account information or recovery seeds.
This event serves as a reminder of the ongoing threats facing the cryptocurrency industry and the importance of securing every link in the supply chain. While the hardware remains a secure method for storing assets, the personal data required for physical shipping continues to be a target for malicious actors. Ledger continues to monitor the situation and provide updates to those whose information may have been compromised in the Global-e system breach.
Source: Ledger Customers Impacted By Third Party Global E Data Breach