Alon Gal, technology director for cybersecurity firm Hudson Rock, reported that someone published a database of personal information from hundreds of thousands of Ledger users on the Internet.
The database in question contains information such as 1 million e-mail addresses and telephone numbers and physical addresses of 272 thousand Ledger customers.
According to Gal, this data leak poses a huge risk to people whose information has been exposed. “Ledger customers may have large investments in cryptocurrencies and will now be subject to both cyberbullying and physical bullying on a larger scale than previously experienced,” Gal said. used the expressions.
Statement from Ledger
In the statement made by the crypto money wallet manufacturer Ledger, it was stated as follows:
“Today we received the information that the content of the Ledger customer database was published in Raidforum. We are still verifying it, but the first signs show us that this may actually be the content of our e-commerce database in June 2019. We were aware of this data breach. We previously warned the authorities, users, and we’ve been fighting attacks ever since. It would be too light to say that we sincerely regret this situation. We take privacy very seriously. Preventing such situations is a top priority for our entire company, and we have learned valuable lessons that will make Ledger safer. We’ve done everything possible since July to make Ledger stronger. We hired a new Chief Information Security Officer. We are further consolidating our already powerful systems and we have thoroughly reviewed our data policy. We conducted penetration tests and forensic analysis with security companies to find and test additional vulnerabilities in our e-commerce systems. We collaborate with law enforcement to prosecute and stop hackers. We had more than 170 websites closed since the first breach. We have notified the French data protection authority about the data breach, and we work with other data protection authorities around the world. Our customer support team also works 24/7 to answer your questions. ”
What should users do?
As the Ledger company points out, never share your wallets’ 24-word recovery words with anyone. Ledger will not charge you for them. Also, Ledger will not contact you via text message or phone call.