Ledger confirmed that a payments-partner data breach exposed the names and contact information of Ledger customers, with only those who purchased Ledger.com using Global-e as Merchant of Record potentially impacted. An unauthorized party gained access to a Global-e cloud-based information system containing shopper order data from several brands. Global-e did not immediately respond to comment, and Ledger declined to disclose how many customers were affected. The leaked data provides attackers with contact details that can be exploited in phishing campaigns against crypto users.
The incident comes amid ongoing crypto-security challenges, as scams targeting crypto holders remain a perennial issue. ScamSniffer estimated almost $84 million was stolen in phishing attacks in 2025, underscoring the real-world risk to Ledger users and other crypto holders. Ledger’s history of data breaches includes a 2020 incident affecting hundreds of thousands of customers and Shopify’s 2020 data leak involving Ledger customer data.
The broader context includes wrench attacks—where criminals use leaked personal data to target high-profile crypto holders—highlighting the potential consequences of data breaches. These leaks can expose contact details that can be exploited in phishing campaigns against crypto users.
Leave a Reply