Addresses of 270,000 Ledger crypto wallet users leaked to the network

Bleeping Computer reports that email addresses and physical addresses of 270,000 Ledger hardware wallet users have leaked into the network. A text file with these addresses was found on one of the hacker forums.

Journalists remind that the Ledger company suffered from a data leak this summer, and a vulnerability on the manufacturer’s website allowed attackers to gain access to users’ contact information. Now the hackers have published an archive containing two text files named All Emails (Subscription).txt and Ledger Orders (Buyers) only.txt, in which data stolen in the summer can be found.

For example, the All Emails (Subscription).txt file contained the email addresses of 1,075,382 people who signed up for the Ledger newsletter. The Ledger Orders (Buyers) only.txt file is more important because it contains the names and mailing addresses of the 272,853 people who purchased the Ledger devices.

Cyble specialists shared the leaked data with Bleeping Computer, and together with reporters, they checked authenticity of the information. According to experts, this data has been sold on the black market since August 2020. Ledger also confirmed on Twitter that this dump is most likely related to a summer data breach.

“Today we were alerted to the dump of the contents of a Ledger customer database on Raidforum. We are still confirming, but early signs tell us that this indeed could be the contents of our e-commerce database from June, 2020. We were aware of this data breach, alerted the authorities, our users, and have been fighting downstream attacks ever since”, — told Ledger representatives.

The publication notes that the stolen data can be used for phishing attacks against the owners of Ledger. The fact is that since October 2020, Ledger users have already been bombarded with phishing emails disguised as an official warning about data breaches. In such letters, the user is prompted to download a new version of Ledger Live, allegedly to protect their cryptocurrency assets with a new PIN.

If hackers catch a user, he downloads and installs the fake Ledger Live app, and they will ask him to to enter a passphrase and passphrase. Of course, this information will then be immediately sent to attackers who can use it to steal the victim’s cryptocurrency.

Let me remind you that vulnerability in Android app GO SMS Pro leaks data exchanged between users. This data was also later found on the network.