Company Regrets The Situation As Ledger Wallet Data Leak Gets Dumped On Raidforums For Free
The latest in crypto hacks is the data leak of Ledger databases. How serious is the current situation? Here are the details pointing to the major security flaw.
What Happened To Databases Of Ledger?
For the e-commerce customer data leak that took place last June, just recently the hardware wallet manufacturer Ledger has been dealing with a lot of criticism. Emails of a million Ledger wallet customers and thousands of clients had additional information leaked like phone numbers and residential addresses where the data contained. The hackers have dumped the Ledger leak data on the sharing marketplace Raidforums for free is what now the reports are detailing.
It Was Found That On Raidforums, The Hackers Have Then Dumped Ledger Wallet E-Commerce Customer Data
The notorious Ledger wallet e-commerce customer data leak is one of the most topical conversations in the cryptocurrency space in the last 24 hours. The e-commerce marketing database was breached on June 25, 2020, according to the hardware wallet manufacturer’s own testimony. They initiated an internal investigation as they found out the database was exploited after a researcher tipped the company off on July 14, 2020.
At the time of discovery, Ledger wrote involved here were contact and order details. Approximately 1M addresses, as this is mostly the email address of their customers. A subset of 9,500 customers was also exposed such as first and last name postal address, phone number, or ordered products as further to investigate the situation they have also been able to establish.
As it has come back to haunt the company, last week reports came on the ledger leak situation. Some individuals have reportedly lost funds as a great number of people said they had received phishing emails.
Detailing that malicious text messages have been sent to their phones as additionally were a number of Ledger customers that had their phone numbers leaked. Finding the reports on December 20, 2020, indicated that those hackers have then decided to dump all of the info for free on the Raidforums marketplace thus making matters far worse.
On December 20, 2020, Jameson Lopp was saying going to the trouble of protecting their home addresses with a PO Box or private mailbox was 1% off the Ledger customers from the recent leak.
There is also a Pastebin file going around with the dump as well as a number of cryptocurrency proponents have been reporting on the data dump on social media. One individual tweeted that on Raidforums a hacker is dumping the full Leger database dump for free. He further added these included emails, phone numbers, and addresses and so be ready for a huge spam and phishing wave. Identity info for 272,000 Ledger owners was included with the 1 million email addresses according to the Raidforums post.
Also reporting on the data dump was the co-founder and CTO of Hudson Rock otherwise known as “Under the Breach.”
Here is the alert: he tweeted that it has been circling for the past few months, as threat actor just dumped Ledger’s database. More information on 272,000 Ledger buyers and emails of 1,000,000 additional users, the database contains information such as Emails, Physical Addresses, Phone numbers. To the people affected by it, this leak holds a major risk.
Adding to it the security expert says
On a larger scale than experienced before, individuals who purchased a Ledger tend to have thereby a high net worth in cryptocurrencies as well as now subject to both cyber harassments and physical harassment. Not appreciating the leaker taking away their potential 6 figure sales of this database are other forum members.
Regretting The Situation, Ledger Responds
On Sunday, Ledger’s official Twitter account also discussed the data dump. The company further tweeted, on Raidforums, today they were alerted to the dump of the contents of a Ledger customer database.
Early signs do tell them this indeed could be the contents of their e-commerce database from June 2020 as they are still confirming.
Also adding is the hardware wallet manufacturing company:
That they sincerely regret this situation is a massive understatement. Extremely seriously do they take privacy. They have learned valuable lessons from this situation which will make Ledger even more secure as avoiding situations like this are a top priority for their entire company.
Hiring a new Chief Information Security Officer, (CISO), Ledger says that since July, the firm has done everything possible to make Leger thereafter stronger for the future. Thoroughly reviewing their data policy, the company says that it is further hardening its systems. On Sunday, Leger added that to test these and find any additional vulnerabilities on their e-commerce systems, they executed penetration tests and forensic analysis with external security firms.