Source: CryptoTale
Original Title: Ledger Confirms Customer Data Exposure Through Global-e Systems
Original Link:
Overview
Unauthorized access at Global-e exposed Ledger customer names and contact details.
Ledger confirms that wallet funds, recovery phrases, and private keys were not accessed.
Security experts warn that leaked contact data increases phishing and scam risks.
Incident Details
Hardware wallet maker Ledger is dealing with a fresh data exposure after unauthorized access occurred inside the systems of its third-party payment processor Global-e. The incident involved personal customer details such as names and contact information taken from Global-e’s cloud infrastructure. There is no indication that wallet funds, private keys, or recovery phrases were compromised at any point.
Global-e notified affected customers by email, stating that it detected unusual activity within part of its cloud environment and launched an investigation. The message did not disclose how many Ledger customers were impacted or the exact timing of the exploit. The notification first circulated publicly after being shared by blockchain investigator ZachXBT on social media.
Ledger confirmed the incident, stating the breach occurred entirely within Global-e’s systems. The company said Global-e acted as the data controller and therefore issued the customer notifications.
Third-Party Breach Confirmed
Global-e said it identified irregular activity and quickly applied security controls to contain the issue. The company then brought in external forensic specialists to review the incident in detail.
That review confirmed improper access to a limited set of personal customer data. Global-e told customers that investigators confirmed “some personal data, including name and contact information, were improperly accessed.” The statement did not reference payment details or authentication credentials.
Ledger later echoed those findings. The company said unauthorized access affected order data stored within Global-e’s information systems. Ledger repeated that the incident did not touch its internal infrastructure, devices, or applications.
Ledger Response and Security Scope
Ledger stressed that its self-custodial products remain unaffected by the incident.
The company clarified that Global-e cannot access recovery phrases, wallet balances, or digital asset secrets. Ledger said its hardware and software systems continue operating normally.
“This was not a breach of Ledger’s platform, hardware, or software systems,” the company said.
It added that Global-e only processed purchase and order-related information for customers buying through Ledger.com. The company also explained why Global-e contacted customers directly. Ledger said Global-e controlled the affected data and therefore held responsibility for breach notifications. As of publication, neither firm has released an estimate of affected customers.
Historical Context and Ongoing Risks
The incident follows several past security events involving Ledger. In June 2020, a misconfigured third-party API exposed marketing and e-commerce data. That breach leaked roughly one million email addresses and detailed contact data for 9,500 customers.
In 2023, attackers exploited a compromised software library linked to Ledger. The attack drained between $484,000 and $600,000 in cryptocurrency within five hours.
Security experts continue to warn that leaked contact data can fuel social engineering attacks even without wallet access. Some recommend using minimal or alternative contact information when purchasing hardware wallets to reduce the effectiveness of targeted phishing if databases become exposed.
GweiWatcher
· 01-07 10:27
It's the payment processor again taking the blame... As long as the wallet is fine, the private key security is the real priority.
LoneValidator
· 01-06 21:18
Another data breach? This time Ledger is blaming Global-e, but as long as the private keys weren't leaked, it's okay.
LightningClicker
· 01-06 08:48
Here we go again, support is having issues again? Ledger got lucky this time; at least the private keys weren't leaked, but it's still disgusting.
DeFiDoctor
· 01-06 08:47
The consultation records show that the payment processor Global-e has experienced an infrastructure vulnerability again. Ledger's clinical presentation is data leakage but the private keys remain unaffected—considered medium risk. However, this highlights serious complications arising from third-party dependency strategies.
ApeShotFirst
· 01-06 08:25
Oh my goodness, something's happened again. My personal information is exposed again at some payment processor...
Wait, the private key wasn't leaked? That's good, that's good, although I still feel a bit scared...
This time I really need to carefully check my Ledger, I can't afford to have any luck or complacency...