Ledger reveals payments partner leaked customer names, contact information in new data breach

Customers of Ledger, a crypto hardware wallet provider, have had their names and contact information leaked after one of the firm’s payment processing partners suffered a data breach.

Only customers who purchased Ledger.com using Global-e as a Merchant of Record are potentially impacted, a Ledger spokesperson told DL News.

“Ledger was not the only brand whose customer data was affected,” the spokesperson said. “The unauthorised party gained access to a Global-e cloud-based information system containing shopper order data from several brands.”

Ledger did not respond to a question about how many of its customers were impacted by the breach.

Global-e did not immediately respond to a request for comment.

The incident comes as scams targeting crypto users remain a perennial issue.

In 2025, bad actors stole almost $84 million through phishing attacks, according to crypto security firm ScamSniffer.

These attacks involve scammers using fake emails, texts, or calls to trick customers into revealing sensitive information, clicking links that install crypto-stealing malware, or inadvertently sending them their crypto.

The Global-e data breach could worsen the situation. The leaked data includes Ledger customers’ contact information, a valuable resource for scammers targeting crypto users through email-based phishing attacks.

Not the first time

Ledger’s crypto hardware wallets are designed to help users keep their crypto assets secure by adding a layer of security.

Yet for many, purchasing a hardware wallet from the firm has exposed them to phishing attacks due to multiple data breaches.

In 2020, the firm revealed that data linked to around 272,000 of its customers had been stolen through a breach of its e-commerce and marketing database.

Later that year, Shopify, one of Ledger’s e-commerce service providers, revealed that a rogue employee had leaked data from around 292,000 Ledger customers.

These previous leaks included not just customer names and emails, but also addresses and phone numbers.

Leaks of crypto users’ addresses have led to so-called wrench attacks — where criminals locate, kidnap, and extort known customers to get them to hand over the password-like private keys that grant access to their crypto.

Ledger co-founder attacked

Last year, David Balland, one of Ledger’s co-founders, was targeted by such an attack.

Balland and his wife were kidnapped from their home and held for ransom in a wrench attack that took place in France in January.

Criminals held the pair for around 24 hours before French authorities freed them.

During the attack, the assailants severed one of Balland’s fingers and sent it to his associates in an attempt to lure ransom payments, French newspaper Le Monde reported.

In June, French police arrested a French-Moroccan national, alleged to be the ringleader of the group who carried out the attack, as well as several other kidnapping plots in France.

Tim Craig is DL News’ Edinburgh-based DeFi Correspondent. Reach out with tips at tim@dlnews.com.