Hardware wallet giant Ledger is dealing with a data exposure incident, this time linked to its third-party payment processor Global-e, according to pseudonymous blockchain sleuth ZachXBT.
A notification email sent to customers and shared by the researcher on X said the breach involved unauthorized access to Ledger users’ personal data, such as names and contact information, from Global-e’s cloud system.
The email did not reveal the actual number of affected customers or specify when the exploit occurred.
In 2020, Ledger experienced a data breach that exposed information on 270,000 customers through its e-commerce partner Shopify. In 2023, Ledger was hacked for nearly $500,000, affecting several decentralized finance applications.
Global-e said it detected unusual activity and quickly implemented controls while launching an investigation, which verified inappropriate access.
“We engaged independent forensic experts to conduct an investigation into the incident and were able to determine that some personal data, including name and contact information, was improperly accessed,” the email said.
Ledger’s social media channels show no active incidents, urging vigilance yet.
CoinDesk has contacted Ledger for comment.
