hacker, ledger

Ledger users are threatening legal action after the hacker dumps personal data

The hacker that violated the marketing database of hardware wallet provider Ledger. Earlier this year released personal data for thousands of users, prompting many to threaten the company with a class-action lawsuit.

A hacker allegedly behind the violation of personal data from hardware wallet Ledger in June made all the information they acquired available online. According to a tweet from network security firm Hudson Rock’s Alon Gal. This allegedly includes 1,075,382 email addresses from Ledger newsletter subscribers. And 272,853 hardware wallet orders with data including email addresses, physical addresses, and phone numbers.

“This leak holds major risk to the people affected by it,” said Gal. “Individuals who purchased a Ledger tend to have high net worth in cryptocurrencies and will now be subject to both cyber harassments as well as physical harassments in a larger scale than experienced before.”

Ledger said released information was from June data breach

Ledger said “early signs” in a response on Twitter seemed to confirm. That the information released was from the June data breach that compromised the personal data of many of its users. Many Ledger users reported being targeted through phishing attempts, following news of the hack. Some said they got persuasive-looking emails asking them to download a new version of the software from Ledger.

“We are continuously working with law enforcement to prosecute hackers and stop these scammers,” said Ledger. “We have taken down more than 170 phishing websites since the original breach.”

Many users were apparently unsatisfied with Ledger’s response after experiencing months of reports on phishing attacks.

“If any lawyers want to start a class action suit, Iā€™m sure many of us will jump on board,” said Twitter user Ryan Olah. “This has just gotten 10,000x worse now.”

Tokens are likely not in danger of being syphoned out of Ledger wallets

Although someone’s tokens are most likely not in danger of being syphoned out of Ledger wallets. By falling into the affected emails or phone numbers for such phishing attempts. Users could potentially compromise their own funds. Many have reported that they have tried to trick such attacks into giving up their seed phrases, prompting Ledger to repeat:

“Never share the 24 words of your recovery phrase with anyone. Even if they are pretending to be a representative of Ledger. Ledger will never ask you for them. Ledger will never contact you via text messages or phone call.”

However, some Ledger users have pointed out that phishing assaults are just one possible threat. That they may face now that their physical addresses are public. As was the case with Singaporean businessman Mark Cheng in January. Individuals with a large number of crypto holdings run the risk of being kidnapped. And held until they give up their tokens.

“This is a serious breach and I am concerned that people now have our addresses,” said Twitter user Paul Smith. “What’s stopping them from knocking on our doors? Saying sorry, frankly, isn’t enough.”