Bad news for Ledger customers. The French cryptocurrency wallet maker has announced that the number of victims of last year's cyberattack has increased further. According to the company, 20,000 other customers are affected by this incident. Ledger was not notified by Shopify until December 23, 2020. “ Dishonest members of our support team have obtained transaction records from customers, including those from Ledger. The agent (s) illegally exported customer transaction records in April and June 2020, ”said the e-commerce platform in charge of managing Ledger's sales.
Last July, Ledger announced that the security breach affected only 9,500 customers. This number climbed to 272,000 in December 2020. To this must be added the 20,000 new stolen customer files. A total of 292,000 Ledger customers have had their personal information stolen, including their names, mailing addresses, phone numbers and the products they ordered.
Hackers also got hold of the email addresses of a million customers and other identifying information.
Stolen information posted on RaidForums
The hackers didn't just steal the personal data of Ledger's customers, they also leaked the information to RaidForums. This is notably a platform that cybercriminals use to post, sell and buy stolen information.
The security breach has put Ledger's clients in a difficult position. The firm reports in a blog post that since the publication of their personal data on RaidForums " Ledger customers have been victims of phishing attacks and have received threats from hackers by phone and email ."
Ledger obviously did not sit idly by in the face of the situation. In addition to having filed complaints with the Paris prosecutor's office, the French start-up reported the incident to the CNIL.
In addition, the company is currently researching information that may lead to cybercriminals targeting its customers. The company promises a reward of 10 BTC, or around 295,000 euros.