Ledger Data Breach Hits Users Via Payment Processor Global-e

CRYPTO
Whalesbook Logo
AuthorKavya Nair|Published at:
Ledger Data Breach Hits Users Via Payment Processor Global-e
Overview

Crypto hardware wallet provider Ledger is facing a data exposure incident originating from its third-party payment processor, Global-e. Unauthorized access to Global-e's cloud system compromised personal details, including customer names and contact information, of Ledger users who made purchases. Ledger emphasizes its own systems remain secure and no payment data or private keys were accessed, drawing parallels to a 2020 breach.

Ledger, the prominent crypto hardware wallet manufacturer, is confronting a significant data exposure incident. The breach did not originate from Ledger's own systems but from Global-e, a third-party payment processor used by the company. Unauthorized access was gained to Global-e's cloud infrastructure, resulting in the compromise of personal details of Ledger customers who had made purchases through the platform.

Third-Party Risk

Information exposed includes customer names and contact details. Global-e confirmed the improper access after detecting unusual activity and launching an investigation with forensic experts. While the exact number of affected clients has not been disclosed, the incident highlights the persistent cybersecurity risks associated with third-party vendors in the e-commerce space. Ledger has stressed that its own platform, hardware, and software remain secure, reassuring users that their private keys and digital assets are unaffected.

Ledger Reassures Users

In communications, Ledger clarified that the breach occurred at Global-e, which acted as the Merchant of Record for these transactions. Payment information was reportedly not involved in the incident. The company stated it is collaborating with Global-e to inform affected users. This event draws a stark reminder of a similar data breach Ledger experienced in 2020, which exposed the information of approximately 270,000 customers via its then-e-commerce partner, Shopify.

Past Incidents

The 2020 breach, which involved customer email addresses and other personal data, led to significant customer distress and phishing attempts. Ledger has been under increased scrutiny regarding data security following that incident. The current exposure, while originating externally, reignites concerns among its user base about the comprehensive security measures in place across its entire operational ecosystem, even for third-party services.

Disclaimer:This content is for educational and informational purposes only and does not constitute investment, financial, or trading advice, nor a recommendation to buy or sell any securities. Readers should consult a SEBI-registered advisor before making investment decisions, as markets involve risk and past performance does not guarantee future results. The publisher and authors accept no liability for any losses. Some content may be AI-generated and may contain errors; accuracy and completeness are not guaranteed. Views expressed do not reflect the publication’s editorial stance.