Ledger and Shopify were caught in a class action lawsuit over a massive data breach that stole the personal information of 270,000 customers with hard wallets between April and June 2020.
Phishing victims John Chu and Edward Patton filed a lawsuit in California against crypto wallet supplier and e-commerce partner Shopify on Tuesday.
The prosecutor argued that the companies “tolerated negligence, ruthlessly ignored, and then carefully tried to cover up” the data breach. The data was stolen when junk Shopify employees opened Ledger’s corporate e-commerce and marketing database, and then the hackers sold the data on the dark web.
“If Ledger had acted responsibly during this period, much of this loss could have been avoided,” they say.
The spouses seek compensation for the damage caused by the violation and demand “all remedies permitted by law, including restitution in the form of injunctions.” Chu lost $ 267,000 in Bitcoin (BTC) and Ether (ETH), while Baton lost $ 75,000 in Stellar (XLM) due to phishing imitating corporate correspondence.
Details including full names, emails, phone numbers and delivery addresses were finally released on RaidForums in late December. In particular, the lawsuit accuses Ledger of failing to “mark each offended client or fail to acknowledge the full extent of the violation.”
“Error behavior from Ledger and Shopify has become a target for Ledger customers whose identities are known or available to all hackers in the world. Ledger’s incomplete response has steadily exacerbated the damage. Failure to notify each aggrieved client individually or to acknowledge the full extent of the abuse. ”
Although it was not originally established whether the company was aware of the full extent, in July 2020 it published a blog that 9,500 users had been leaked at that time.
Ledger fully acknowledged the data breach on January 13 in a blog post confirming that access to his user database was the result of a Shopify hack, while announcing changes to how data is stored and communicated to customers, and also offered a 10 BTC bonus box for information leading to hijacking of hackers. And they have been successfully tested.