Back in July 2020, a hacker managed to breach Ledger’s database, capturing the personal information and data of thousands of its customers. The data has now been published online, and is widely accessible to download on a forum specifically set up for buying, selling and sharing hacked information.
Ledger CEO Pascal Gauthier has released a press statement, apologising for the incident and assuring customers that their crypto funds are safe, but the effects of this monumental data breach are already being felt by countless Ledger customers across the world.
What Information Was Stolen From Ledger?
Ledger publicly disclosed the data breach from June, stating that 9,500 of its customers were affected. However, the most recent database dump has revealed that many more people have had their details compromised, whether they were customers or simply signed up to the company’s newsletter.
The amount of information leaked online includes:
- Over 1 million email addresses
- 272,000 hardware wallet orders
- Physical home addresses
- Phone numbers
It hasn’t taken long for scammers to take action. Many people who have had their stolen have received legit-looking emails asking them to download a new version of the Ledger software.
While cryptocurrency cannot be siphoned out of Ledger wallets, the data breach could lead to more phishing scams, which in turn can lead to other monetary losses.
Angry customers on Twitter and Reddit are also greatly concerned about their personal safety. Some Ledger users with a substantial amount of cryptocurrency are worried about kidnapping and ransom attempts now that their home addresses have been made public.
Practical Advice Following the Ledger Hack
Having your personal details leaked online is a horrible experience, but there are a few actions you can take to better protect yourself and the others affected by this breach:
Report Suspicious Activity
Many people have already been sent phishing emails from scammers pretending to be representatives from Ledger, but if you are in any doubt, do not respond to the email and do not click on any links.
Others are being sent extortion emails, claiming that they will be attacked outside their homes unless payment is made.
It’s important that you do not respond to these emails. Report what has happened to Ledger, and if you are worried about your safety, contact your local authorities.
Never Share Your 24-Word Recovery Phrase or PIN
Ledger will never ask for your recovery phrase, so anyone who does ask for it will be a scammer. If you believe your phrase has been compromised, you must report it to Ledger.
The high level of security surrounding crypto wallets means your currency is completely safe. The only way you can lose your cryptocurrency in this way is by giving out your recovery phrase.
Follow Ledger’s Official Channels
The company has outlined how it contacts its customers. Ledger will not get in touch via: text message, Whatsapp, phone calls or mail.
Ledger only communicates through email and its social media channels: Twitter, Facebook & Instagram.
Never Validate a Transaction on Your Nano That You are not the Author of
Scammers may ask you to download a fake Ledger Live application that will trigger a transaction on your Nano. Reject the application and report the situation. If you are not the author, do not trust it.
Recovering a Financial Loss Due to the Ledger Leak
The data breach has caused many people a significant amount of stress, and the last thing you need to be worried about is any financial loss. Naray Law is a specialist legal office that handles cryptocurrency cases all around the world.
I was personally involved with coordinating and collecting evidence gathered from the victims from the Bitcoin Giveaway Scam that was featured prominently on YouTube and Google across the spring and summer of 2020. The evidence I gathered has led to Steve Wozniak — co-founder of Apple alongside Steve Jobs — and his legal team filing a lawsuit against Google for defamation of character.
This is a dark time for anyone involved in the cryptocurrency scene, but as a specialist crypto lawyer, I can help you recover any lost funds that are a result of the breach.