Ledger Security Breach Compromises Customer Data via Third-Party Provider

Ledger, a prominent hardware crypto wallet provider, experienced a major security breach on January 5, due to its third-party crypto payment service provider, Global-e. This follows another incident earlier in the year where $107,000 was drained from various crypto wallets.

Key Details of the Ledger Incident

ZachXBT, a blockchain investigator, reported that Ledger's customer data was compromised through Global-e.
Unauthorized access affected personal information such as names and contact details.
Ledger confirmed unusual activity within its cloud infrastructure linked to Global-e and is working with forensic experts.
This incident raises ongoing concerns about crypto security, similar to recent issues faced by Trust Wallet and MetaMask users.
It is not the first breach for Ledger; previous incidents occurred in 2020 and 2023, impacting customer data and DeFi applications.

Official Response from Ledger

Ledger assured that wallet funds and private keys remain secure, with no evidence of compromise.
The company stated that customers’ payment information was unaffected.
The breach was confined to Global-e’s systems, not Ledger's core infrastructure.
Ledger emphasized that their product is self-custodial and Global-e has no access to critical user data.