Customer Info Compromised in Ledger Breach: How Deep Does It Go?

TLDR

• Hackers breached Global-e, a third-party payment processor used by Ledger.
• The attackers accessed customer names and contact details from cloud storage.
• Ledger confirmed that its internal systems and payment data were not affected.
• Global-e quickly contained the breach and launched a forensic investigation.
• Affected customers received notification emails directly from Global-e.

Crypto wallet provider Ledger has confirmed a data breach involving its third-party payment partner Global-e, which exposed user data. The breach impacted customers who used Ledger’s website to make purchases, but payment details remain unaffected. Global-e detected and halted the attack swiftly but confirmed that hackers accessed user names and contact details.

Global-e Suffers Cloud Breach Impacting Ledger Customers

Global-e, Ledger’s payment service partner, experienced unauthorized access on a section of its cloud infrastructure used for order processing. The breach exposed personal details of customers who had previously transacted on Ledger’s site through Global-e’s platform. While the system was quickly secured, data was already compromised.

The compromised data included full names and contact information, which Global-e verified following a forensic investigation by external experts. Global-e confirmed the breach via email sent directly to affected users and emphasized it had contained the issue. However, the company did not specify how many customers were affected.

Ledger later confirmed that the breach occurred within Global-e’s system, not on Ledger’s own infrastructure or platform. A company representative stated, “The breach did not originate from Ledger but from our payment service provider Global-e.” The company reiterated that it was not directly breached and emphasized the separation between its services and Global-e.

Past Incidents Raise Concerns Around Ledger’s Security

This is not the first time Ledger has faced security events involving third-party vendors or internal operations. In 2020, hackers exposed data from over 270,000 Ledger customers by targeting its then-partner Shopify. Attackers accessed customer records via an exploited Shopify support API.

In 2023, Ledger encountered another attack after a compromised employee uploaded a malicious update to Ledger’s Connect Kit. This incident directly impacted DeFi platforms connected to Ledger and resulted in losses exceeding $480,000. The attacker had access for hours before the issue was contained.

These past breaches highlight the persistent challenges Ledger has faced in managing data security across its extended infrastructure. While the current breach did not compromise payment or wallet data, previous cases involved direct threats to assets. The firm has consistently responded to each event but often after damage had already occurred.

Company Statements and Investigation Status

Global-e informed users through email about the security incident and clarified that forensic teams are reviewing the extent of exposure. The company assured users that no financial information or credit card details were accessed in the breach. It continues to work with authorities to finalize its investigation.

Ledger confirmed that Global-e serves as the data controller for its transaction processing system and bore the responsibility for the breach. It also explained that all affected customers were contacted by Global-e, not Ledger directly. As of now, Ledger has not issued a public post or social media statement.

The email from Ledger’s support clarified: “There was no breach of Ledger’s infrastructure or databases.” This message served to distance Ledger’s internal systems from the incident. It reinforced that user funds and wallets were not exposed to risk.

The post Customer Info Compromised in Ledger Breach: How Deep Does It Go? appeared first on CoinCentral.