The hacker is likely to be the culprit responsible for the security breach at Ledger in July. He recently deleted a large amount of data and leaked the personal information of more than 270,000 customers, including phone numbers and physical addresses. The leak also included one million emails from Ledger wallet owners and customers who signed up for the company’s newsletter service.
In the chaos caused by the incident, Ledger focused on improving its security infrastructure rather than compensating users for any losses. At the same time, it is reported that some of the affected customers are considering taking legal action against the company in the form of class actions.
The leakage of customer data at Ledger also provided new support for the debate against the implementation of other KYC compliance agreements. Critics argue that such measures encourage targeted cyber attacks and are designed to leak critical personal data.
More than 270,000 personal account details were hacked
As mentioned earlier, hackers are believed to be responsible for the leak of the Ledger e-commerce database in July, bringing the personal information of thousands of affected users online. The company has been accused of failing to provide better protection for user data on social media and failing to minimize the initial hack. At the time, the hardware wallet manufacturer announced that only 9,500 customers were affected by the security breach.
To address the reported discrepancy in the number of affected people, Ledger issued a statement on December 21, announcing that the leaked material covered more than what it had been able to analyze earlier this year. However, the company guarantees that customer funds will remain safe, adding: “This data breach has no connection or impact to our device or application wallet or your funds. Your crypto assets are safe. Although very unfortunate and honest, this violation only affects information related to e-commerce.”
In response to the incident on Twitter, Ledger CEO Pascal Gauthier said that the leaks indicate that the threat of cyber attacks is increasing. When Gauthier appeared on the “What Bitcoin Did” podcast with Peter McCormack, he commented on the nature of this hack and pointed out that it was the result of a loophole in the company’s e-commerce department.
“This is a wrong API key. The key is encoded on the map client and cannot be imported into the database from the storage where the encoding location is wrong. Therefore, the encoding is performed at a location that should not be encoded, so the database is vulnerable to attack.” Gauthier
In view of the response to the leak, some cybersecurity experts emphasized that this incident once again showed that database administrators did not provide encryption when storing user data. The CEO of Ledger commented on the lack of encryption of API keys and added that not hashing the API keys was a mistake, not an intentional compromise of customer security.
Robin Merry, CEO of wallet manufacturer NGRAVE, commented on the leak, noting that the incident reflects the rapid growth of crypto companies, but at the expense of security considerations. He added: “Many online platforms have been hacked, not necessarily because of the hacker’s skills. Usually, the platform’s security management is weak, let alone implemented.”
Threat software and other risk factors
The data leak triggered another round of phishing attacks as fraudsters (now equipped with Ledger users’ emails) tried to trick wallet customers into revealing their original 24-word phrases. Even before the data was released, these fake emails were being sent regularly.
However, the disclosure of phone numbers and personal addresses may expose Ledger users to more risk factors. Some users report SIM card attacks in which hackers try to swap their numbers, most likely in an attempt to break the two-factor authentication protocol.
In the past, cryptocurrency investors have been the target of SIM swap attacks. In June, Richard Yuan Lee was charged with conspiracy to commit Internet fraud, which involved a series of SIM swap attacks against more than 20 people.
In addition to phishing attacks and SIM exchanges, data leakage also brings the possibility of threats beyond the threat tools entering the field