Ledger user database leak is confirmed
Moreover, the problem is no longer so much in the leak itself as in the fact that this data has become available to the general public. This was announced by Alon Gal, a network security expert.
As it became known, back in the middle of 2020, an unknown person stole the database using an API key. We are talking mainly about e-mail addresses, but in some cases - about real names, postal addresses, phone numbers, and lists of purchased goods and services. That is, just over a million email addresses and almost 270 thousand data on various orders. But access to payment information and the cryptocurrencies themselves, fortunately, was not obtained. But that doesn't diminish the problem.
Alon Gal discovered that the stolen information is being sold on some popular anonymous hacking forums, with an initial price of 5 BTC. But at the moment, you can download it absolutely free.
Alon's concerns were supported by other experts, for example, the analyst of The Block service, Larry Cermak, who confirmed the veracity of a significant part of the data received in free access. In his opinion, this promises huge problems for Ledger users, especially those who actively used their wallets. Which have already slowly begun to happen.
A number of users confirmed that phishing emails began to arrive at their email address, to which cryptocurrency wallets are attached, requiring them to click on the attached link with re-identification. Moreover, this was reported even by those persons to whom the company directly announced the safety of their specific personal data.
Representatives of Ledger confirmed the leakage of information, expressed "deep regret" and recalled the most important point of network security - the need to keep secret the seed phrase that controls access to the wallet.
All this is a serious blow to both the reputation of the Ledger company in particular, and to similar services working with cryptocurrencies, in general. After all, what kind of anonymity can we talk about if the database can be first stolen and then distributed over the network? After all, not only bitcoins in the wallet are valuable, but also information about their presence in it. So, companies that provide various methods of storing cryptocurrencies should reconsider their approach to the security of all stored information. And users should be more careful about network security.
Representatives of Ledger confirmed the leakage of information, expressed "deep regret" and recalled the most important point of network security - the need to keep secret the seed phrase that controls access to the wallet.
All this is a serious blow to both the reputation of the Ledger company in particular, and to similar services working with cryptocurrencies, in general. After all, what kind of anonymity can we talk about if the database can be first stolen and then distributed over the network? After all, not only bitcoins in the wallet are valuable, but also information about their presence in it. So, companies that provide various methods of storing cryptocurrencies should reconsider their approach to the security of all stored information. And users should be more careful about network security.
Published on the EXBASE based on materials from bitnovosti.com