A detailed look at the Ledger data leak and other recent incidents

Quick Take

  • Despite what Ledger initially stated, a database containing the personal information of about 273,000 Ledger customers was freely released yesterday
  • Of the people who purchased a Ledger, 33.9% had their devices shipped to the United States
  • About 51.3% used Gmail as their email account, followed by Hotmail (10.5%)

Time and time again, centrally stored information has been breached by hackers. This has been reflected in the amount of money that companies are investing in their cybersecurity. According to a report by Gartner, worldwide information security spending is expected to grow 2.4% to reach $123.8 billion in 2020.

In 2017, a hack on US credit agency Equifax exposed confidential information of 143 million Americans. Even though the Equifax hack was not the largest breach in history, the most sensitive data was stolen, including names, dates of birth, Social Security Numbers (SSN), addresses, and in some cases even driver’s licenses and credit card numbers.

10 Largest Data Breaches

Source: The Block Research

Hundreds of millions of people have been affected by breaches of centralized databases. Affected individuals should always use multi-factor authentication and be wary of identity fraud and phishing. If sensitive personal information such as a home address has been leaked, there is often nothing that can be done.

Crypto data breaches

Getting access to the data of cryptocurrency users is even more attractive to hackers since the money exists outside of the financial system and since transactions are irreversible.

There have been multiple breaches of cryptocurrency companies in the last two years. The most high-profile breaches include BitMEX, BlockFi, and Ledger.

Most recent crypto-related data breaches

Source: The Block Research

Analysis of the Ledger leak

In July, Ledger publicly disclosed that it had suffered a data breach in June that compromised customer data. At that time, Ledger noted that the breach included 1 million e-mail addresses and had personal information on 9,500 customers.

Despite what Ledger initially stated, a database containing the personal information of about 273,000 Ledger customers was freely released yesterday on the hacking forum Raidforum. The database, reviewed by The Block, contains the emails, physical addresses, and phone numbers of Ledger hardware wallet buyers.

In its current form, there are 272,852 names with corresponding e-mail addresses, residence addresses (or PO boxes), and phone numbers.

Of the people who purchased a Ledger wallet, 33.9% had their devices shipped to the United States, followed by Germany (8.7%), United Kingdom (7.5%), France (6.1%), Canada (4.7%) and Australia (4.2%).

Source: The Block Research

About 51.3% used Gmail as their email account, followed by Hotmail (10.5%), Yahoo (7.8%), GMX (2.1%), Outlook (1.9%), and Protonmail (1.9%). Nearly 16% of all Ledger buyers used little-known domains.

Source: The Block Research

Fewer than 50 people purchased a Ledger from an email account related to a country’s government. These include the U.S. (Department of Justice, Secret Service, National Institutes of Health, Centers for Disease Control and Prevention, National Renewable Energy Laboratory, Department of Water Resources), Singapore (Government Technology Agency and Examinations and Assessment Board), and some others like the Australian Taxation Office, Department of Education of the Philippines, Turkey’s Ministry of Culture and Tourism, Australian Government, Brazil’s Attorney for the National Treasury and New Zealand Police.

Conclusion

Because hardware wallets are a near-essential purchase, Ledger’s leak not only affected the highest number of people, but also exposed potentially threatening personal information. This incident should serve as a valuable lesson to start using privacy-preserving PO boxes rather than home addresses for cryptocurrency-related purchases. Before this database was leaked publicly, it was allegedly selling for slightly less than $100,000 on the dark web. And there is a reason why some bad actors were willing to pay that much.


© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Larry joined crypto research full time in early 2017 and has expertise in capital markets, market structure and early stage DeFi companies/protocols and token economics. He has a background in economics and finance.