Ledger’s database that stores the personal information of thousands of customers has just been published for the whole world to see. Ledger is the largest cryptocurrency hardware wallet company that allows users to manage, store, and sell cryptocurrency. This recent leak of information is the result of a data breach Ledger suffered in June. The hacked data from June that was recently leaked contains 272,854 customer emails, physical addresses, full names, and a list of 1,078,382 emails from Ledger’s marketing campaign. It is important to note that Ledger’s users’ passwords and usernames were not compromised in this breach.

As a result of this leak, users are being heavily targeted by numerous threat actors. These users are at risk of receiving phishing emails, phone scams, ransomware threats, and more. According to BleepingComputer, Ledger users have already received many phishing emails in which malicious actors are pretending to be Ledger. One of many phishing emails advises users to download a fake Ledger app which prompts users to input their secret recovery phrase and passphrase. If succeeded this allows hackers to steal the user’s cryptocurrency assets.

Aside from phishing scams, users are receiving ransomware threats. Threat actors are sending emails to Ledger users threatening them for money. These actors are leveraging the fact that they have your address and other personal information. One user received an email from a threat actor demanding $500 claiming they will invade their home if the amount is not paid.

What Can Ledger Users Do?

1. Never share your recovery phrase or secret passphrase with anyone! Even if these requests are from a person claiming to be an associate of Ledger. Ledger has made it known that they will never ask you for them and that they will never contact users via text messages or phone calls.

2. Utilize HEROIC’s free and private email security scan. This scan allows anyone to check if their email and other personally identifiable information have been posted online. HEROIC’s scan uses HEROIC’s DarkHive, the world’s largest database of compromised credentials, to alert anyone if their email and respective information have been hacked, leaked, or compromised.

3. Be on alert for phishing scams. If you receive an email from someone claiming to be from Ledger, do not click on any attachments or links. It is crucial to authenticate the sender first. Threat actors are using domains that are very similar to Ledger’s at a quick glance such as: “ledqer”, “legder”, “ledgёr”, “leqder”, and more.

Ledger put out a statement listing their authentic domains:


4. Never pay the ransom. If you receive a ransomware threat, do not respond, or pay. Instead, report it to your local authorities and/or the FBI. You can also submit the incident to the FBI’s Internet Crime Complaint Center (IC3).

5. Get HEROIC Guardian for advanced personalized protection. HEROIC Guardian combines big data, A.I, and the blockchain to detect and destroy cyber threats in real-time. Guardian features continuous account monitoring, identity theft protection, integrated apps, and more. Guardian provides real-time alerts and results to users following quick remediation of any breaches.

It is important to know that Ledger is working hard to support its users after this breach, and they have even taken down 171 phishing websites. Your wallet, 24 password seed, and username data are safe and were not impacted by this breach. Ledger user’s accounts are not directly compromised and the main threat they face from this leak is from scams. Remain skeptical and be cautious of emails, phone calls, texts, and more.

Ledger Update

Ledger Security Best Practices