Just recently, the hardware wallet manufacturer Ledger has been dealing with a lot of criticism for the e-commerce customer data leak that took place last June. The data contained the emails of a million Ledger wallet customers, and thousands of clients had additional information leaked like phone numbers and residential addresses. Reports now detail that the hackers have dumped the Ledger leak data on the sharing marketplace Raidforums for free.
Hackers Dump Ledger Wallet E-Commerce Customer Data on Raidforums
One of the most topical conversations in the cryptocurrency space in the last 24 hours has been the notorious Ledger wallet e-commerce customer data leak. According to the hardware wallet manufacturerâ€™s own testimony, the e-commerce marketing database was breached on June 25, 2020. They found out the database was exploited after a researcher tipped the company off on July 14, 2020, and they initiated an internal investigation.
â€œContact and order details were involved. This is mostly the email address of our customers, approximately 1M addresses,â€ Ledger wrote at the time of discovery. â€œFurther to investigating the situation we have also been able to establish that, for a subset of 9,500 customers were also exposed, such as first and last name, postal address, phone number or ordered products.â€
Last week, news.Bitcoin.com reported on the Ledger leak situation, as it has come back to haunt the company. A great number of people said they had received phishing emails and some individuals have reportedly lost funds. Additionally, a number of Ledger customers that had their phone numbers leaked have been detailing that malicious text messages have been sent to their phones. Making matters far worse, reports on December 20, 2020, indicate that the hackers have decided to dump all the info for free on the Raidforums marketplace.
A number of cryptocurrency proponents have been reporting on the data dump on social media and thereâ€™s also a Pastebin file going around with the dump as well. â€œA hacker is dumping the full Ledger database dump for free on Raidforums,â€ tweeted one individual. â€œEmails, phone numbers, and addresses. Get ready for a huge spam and phishing wave,â€ he added. According to the Raidsforums post, identity info for 272,000 Ledger owners were included with the 1 million email addresses.
â€œALERT: Threat actor just dumped Ledgerâ€™s database which has been circling around for the past few months,â€ he tweeted. â€œThe database contains information such as Emails, Physical Addresses, Phone numbers, and more information on 272,000 Ledger buyers and Emails of 1,000,000 additional users. This leak holds [a] major risk to the people affected by it.â€
The security expert added:
Ledger Responds, Regrets the Situation
Ledgerâ€™s official Twitter account also discussed the data dump on Sunday. â€œToday we were alerted to the dump of the contents of a Ledger customer database on Raidforums,â€ the company tweeted. â€œWe are still confirming, but early signs tell us that this indeed could be the contents of our e-commerce database from June 2020.â€
The hardware wallet manufacturing company also added:
Ledger says that since July the firm has done â€œeverything possible to make Ledger stronger for the futureâ€ and also hired a new Chief Information Security Officer (CISO). The company says that it is â€œfurther hardeningâ€ its systems and have thoroughly reviewed their data policy. â€œWe executed penetration tests and forensic analysis with external security firms to test these and find any additional vulnerabilities on our e-commerce systems,â€ Ledger added on Sunday.
What do you think about the Ledger e-commerce database being leaked on Raidforums? Let us know what you think about this subject in the comments section below.
Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.