Just recently, reports of the Ledger customer database breach being dumped on Raidforums for free has become a viral story among cryptocurrency proponents. Now customers are threatening to take legal action against the hardware wallet manufacturer, and one customer has complained of getting an email threatening him with a home invasion.
The Ledger wallet customer database leak has caused a lot of anger toward the hardware wallet manufacturer from France. On December 20, 2020, the hackers dumped Ledger’s e-commerce customer database on a well known hacker forum. The dump contained the emails of a million Ledger customers, but the files also held other customer identity information, like the person’s phone number and residential address.
Following the dump, a great number of cryptocurrency proponents discussed the situation on social media and crypto-related forums.
“Ledger, how in the hell does that happen with a business whose primary focus should be nothing but security?” one individual asked on Twitter. “This is unacceptable and inexcusable. There’s absolutely nothing that can be said at this point. This is bad on so many levels,” he added.
Additionally, the well known law firm Roche Cyrulnik Freedman LLP (RCFLLP) partner Kyle Roche tweeted that the firm has launched an investigation into the data leak. “RCFLLP has launched an investigation into the Ledger data breach incident,” Roche said. “If you own a Ledger device and lost any of your crypto holdings due to a phishing attack on your device, please reach out to me.”
Another alleged phishing attempt wants the user to submit KYC info using a Google document.
Another upset Ledger customer wrote to the company on Twitter after Ledger disclosed they were aware of the recent dump on Raidforums. “I’m going to take legal action against you very soon,” the individual responded to Ledger’s tweet. In another instance, one Ledger customer said his home address was targeted and he was asked to pay a ransom.
“If not, I’m not afraid to show up when you least expect it and see how my wrench works against your face, or maybe even wait for you to leave your home and take your belongings whilst you’re not there to call the police,” the threatening email details. The email asks for $500 and says that due to the recent crypto price pump, paying the blackmail shouldn’t be a problem.
“Strap in for scareware,” software engineer Jameson Lopp tweeted after sharing the email screenshot. A Ledger customer responded to Lopp’s tweet and the message he received said he had to sign up for know-your-customer (KYC) and was given a Google document to fill out.
“LMAO, I got this [message],” the customer wrote. “They should’ve found out I gave wrong info to Ledger [to] try to hack me this way. Too cheap,” he added.
Furthermore, Ledger CEO Pascal Gauthier told decrypt.co’s Tim Copeland today that the firm won’t reimburse customers. “When you have a data breach of this magnitude for such a small company, we won’t reimburse for a million users, all the devices, that’s just not possible,” Gauthier said to Copeland.
<Source: Bitcoin News>