
Hacker dumps hardware wallet Ledger's database for free on Raidforums

  • A hacker is dumping Ledger’s database containing more than 1 million email addresses on a database marketplace for free.
  • Ledger says the database is from the breach that happened in July this year.
  • The dumping of the database could potentially lead to a significant increase in phishing attempts against Ledger customers.

A hacker is dumping the database of cryptocurrency hardware wallet Ledger for free on the database-sharing forum and marketplace Raidforums.

In a post on the forum, a user who goes by the name Burgulema111 told community members that the hardware wallet's database was uploaded for free.

“Today I have uploaded the Database for you to download for free, thanks for reading and enjoy!”

Hacker dumps database on Raidforums for free | Credit / Twitter

According to the post, the data breach happened back in July after a website vulnerability allowed the hacker to gain access to the wallet's customer details. The database was sold for 5 BTC at the time on one of the forums.

The leak contains 2 .TXT files with more than 1 million email addresses that were subscribed to the newsletter and 272.853 orders with full customer details (emails, addresses, and phone numbers).

Ledger addresses database dump

Ledger responded to the claims that a database containing customer details had been leaked. While the company is confirming the contents of the leak, it acknowledged that “early signs tell us that this indeed could be the contents of our e-commerce database from June 2020.”

Ledger is aware of the breach that took place in July. The company claims to have alerted the relevant authorities and users, and to have taken steps to fight downstream attacks.

At the time, the company announced on its website that its e-commerce and marketing database was breached, exposing approximately 1 million emails and customer details that include emails, first and last names, phone numbers, postal addresses, and the product bought.

The hacker managed to gain access to the database by using a third-party API that was misconfigured on Ledger’s website. No customer funds were compromised as the attacker did not get hold of the users’ private keys and recovery phrases.

To ensure that this does not happen again, the company said that it strengthened its security system, reviewed the data policy, and hired a new Chief Information Security Officer (CISO).

What to expect

Ledger claims to have “taken down more than 170 phishing websites since the original breach.” However, this is not where the buck stops.

With the database now in the public domain, where it can be easily accessed by hackers and nefarious actors, phishing attacks, possibly targeting Ledger's customers, are widely expected to rise.

Some of the phishing scams that Ledger users need to watch out for include actors pretending that new Know-Your-Customer (KYC) rules are due. Ledger is only a wallet and not an exchange and does not do KYC.

Other phishing attempts will pretend that a user's Ledger wallet has been deactivated and ask for recovery phrases or private keys for KYC purposes.

Still others pretend that a breach has occurred, putting users who are trying to save their funds at risk of downloading a fake version of Ledger's Live app.

For now, it is up to Ledger's customers to guard themselves against falling victim to phishing attacks.
