Ledger data breach: Hacker leaks stolen database on hacker forum

Ledger was involved in a data breach in July 2020 and now a hacker has leaked the data that was stolen 5 months ago. Here’s what happened.

Ledger was involved in a data breach in July 2020 and now a hacker has leaked the data that was stolen 5 months ago.

Back in July this year, Hackread.com reported on a data breach involving Paris, France based hardware wallet provider Ledger. The incident took place on July 25th, 2020 in which attackers stole the personal data of customers and subscribers.

Ledger was quick to acknowledge the breach revealing that the stolen data contained email addresses full names, postal addresses, phone numbers, and details related to products ordered by customers.

Now, Hackread.com can confirm that a threat actor is claiming to have leaked the same Ledger database on an infamous hacker forum.

It is worth noting that the stolen database was already being sold on several dark web marketplace since it was stolen 5 months ago.

Hacker forum where the database has been leaked (Image: Hackread.com)

As for the latest leak; Hackread.com has seen the database, and according to our analysis, it seems to be legitimate. There are two text files in the leaked folder one belonging to Ledger customers and the other of its subscribers. The latter contains data of 272,854 users including:

Full names
Postal addresses
Email addresses
Phone numbers

The second text file contains the email addresses of 1,075,383 Ledger subscribers.

Screenshot from the leaked data (Image: Hackread.com)

The good news is that there are no passwords in the database however at the time of publishing this article, the leaked database was already available on different hacking forums including an infamous and highly active Russian language one.

It is noteworthy that the July data breach came to light after a bug bounty hunter reported the incident to the company. Despite them immediately taking action and patching the flaw in a short period of time, only a few weeks later on the 25th of July, they found out it had been “further exploited” by the attackers.

In a statement at that time, Ledger said that:

On the 17th of July, we notified the CNIL, the French Data Protection Authority which ensures that data privacy law is applied to the collection, storage, and use of personal data. On the 21st of July, we partnered with Orange Cyberdefense to assess the potential damages of the data breach and identify potential data breaches.

We have contacted Ledger for a statement and this article will be updated accordingly. Meanwhile, Ledger customers and subscribers are advised to watch out for phishing emails that can be sent by hackers to steal your data.

Those having their phone numbers leaked should watch out for SMS phishing (Smishing) and refrain from clicking any link received from unknown senders.


Ledger has responded to our email directing us to their official Twitter account where the company has addressed the issue in a series of tweets.

Did you enjoy reading this article? Don’t forget to like our page on Facebook and follow us on Twitter

Related Posts