Crypto Hardware Wallet Maker Ledger Warns Customers Of Data Breach
By RTTNews Staff Writer | Published: 7/29/2020 10:32 AM ET
Crypto hardware wallet maker Ledger has warned its customers about a data breach on the Ledger website in June and July, which has compromised contact and order details of 9,500 customers as well as 1 million email addresses.
Meanwhile, the company confirmed that payment information, passwords or credentials and crypto funds are safe as the data breach has no link with its hardware wallets or Ledger Live security and crypto assets.
Ledger was informed about a potential data breach on July 14 by a researcher participating in their bounty program. A week after patching the breach, the company came to know about an earlier breach in late June by an unauthorized third party.
This breach had compromised e-commerce and marketing database used to send order confirmations and promotional emails, These consisting mostly of email addresses, but with a subset including also contact and order details such as first and last name, postal address, email address and phone number.
The unauthorized third party had access to a portion of the e-commerce and marketing database through an API Key. The API key has been deactivated and is no longer accessible.
The company said it was able to fix issue immediately after a detailed internal investigation with third party experts as it was limited to ecommerce and marketing contact information.
The company is also actively monitoring online marketplaces for evidence of the stolen database being sold on the internet, but it has found none so far.
Ledger had notified the French Data Protection Authority, CNIL, about the data breach on July 17. It then partnered Orange Cyberdefense on July 21 to assess the potential damages of the data breach and identify potential data breaches.
Following the assessment, it was concluded that the ecommerce and marketing database has been breached. The company said it has already informed all affected customers through an email.
For comments and feedback contact: firstname.lastname@example.org
Article written by an RTT News Staff Writer, and posted on the RTT News.com website.
Article reposted on Markethive by Jeffrey Sloe