News 
Coin Information 
About us 
Customer Service 
Ledger, the company behind one of the most widely used crypto hardware wallets, has confirmed a new data breach involving its third-party e-commerce partner, Global-e. The incident exposed customer names and contact details linked to purchases made through Ledger’s online store, reigniting concerns about crypto security, phishing attacks, and real-world risks for wallet owners.
According to Ledger, sensitive assets such as private keys, wallet funds, and payment information were not compromised. However, the exposure of personal data has already triggered consequences. Within hours of the disclosure, users reported an uptick in phishing emails, scam messages, and impersonation attempts. Attackers are allegedly posing as Ledger or Global-e support, using leaked information to pressure recipients into revealing recovery phrases or other sensitive details.
This breach has amplified anxiety partly because it is not Ledger’s first security incident. In 2020, a major data leak affected nearly 300,000 users, followed by phishing campaigns and scams that included fake hardware wallets being mailed to victims. Security experts warn that similar patterns could follow this latest exposure, including financial theft, wallet takeovers, and even physical threats such as so-called “wrench attacks.”
Experts stress that risk extends beyond those directly impacted. Anyone publicly known to own a hardware wallet can be targeted through social engineering. The danger increases significantly when leaked data includes physical addresses, which can escalate threats from digital scams to real-world harm.
Current phishing attempts rely heavily on psychological manipulation rather than technical exploits. Messages often use real names and order details to build trust, then introduce urgency through claims of security alerts or replacement devices. These scams now appear not only via email but also through SMS messages and unsolicited phone calls.
Security professionals advise against panic-driven actions. Moving crypto funds unnecessarily can expose users to additional risks, as onchain transactions are public and can be monitored by attackers. Instead, users should remain vigilant, verify all communications, ignore unsolicited support messages, and never share recovery phrases under any circumstances. Long-term, minimizing public exposure of crypto ownership and personal data remains one of the strongest defenses against evolving threats.
Comment 0