Ledger Data Leak is The Reason we Defi: Decentralized Protocol "Aave"founder said
December 22, 2020 1:08 PM
Ledger Wallet Data Leak Dumped on Raidforums
Just recently, the hardware wallet manufacturer Ledger has been dealing with a lot of criticism for the e-commerce customer data leak that took place last June. The data contained the emails of a million Ledger wallet customers, and thousands of clients had additional information leaked like phone numbers and residential addresses. Reports now detail that the hackers have dumped the Ledger leak data on the sharing marketplace Raidforums for free.
Hackers Dump Ledger Wallet E-Commerce Customer Data on Raidforums
One of the most topical conversations in the cryptocurrency space in the last 24 hours has been the notorious Ledger wallet e-commerce customer data leak. According to the hardware wallet manufacturer’s own testimony, the e-commerce marketing database was breached on June 25, 2020. They found out the database was exploited after a researcher tipped the company off on July 14, 2020, and they initiated an internal investigation.
“Contact and order details were involved. This is mostly the email address of our customers, approximately 1M addresses,” Ledger wrote at the time of discovery. “Further to investigating the situation we have also been able to establish that, for a subset of 9,500 customers were also exposed, such as first and last name, postal address, phone number or ordered products.”
Ledger Wallet Data Leak Dumped on Raidforums for Free, Company Regrets the Situation
The Raidforums post details it has published the Ledger wallet e-commerce customer database leak with 272,000 full info orders.
The cofounder and CTO of Hudson Rock otherwise known as “Under the Breach” also reported on the data dump.
“ALERT: Threat actor just dumped Ledger’s database which has been circling around for the past few months,” he tweeted. “The database contains information such as Emails, Physical Addresses, Phone numbers, and more information on 272,000 Ledger buyers and Emails of 1,000,000 additional users. This leak holds [a] major risk to the people affected by it.”
The security expert added:
Individuals who purchased a Ledger tend to have a high net worth in cryptocurrencies and will now be subject to both cyber harassments as well as physical harassments on a larger scale than experienced before. Other forum members are not appreciating the leaker taking away their potential 6 figure sales for this database.
Ledger Responds, Regrets the Situation
Ledger’s official Twitter account also discussed the data dump on Sunday. “Today we were alerted to the dump of the contents of a Ledger customer database on Raidforums,” the company tweeted. “We are still confirming, but early signs tell us that this indeed could be the contents of our e-commerce database from June 2020.”
The hardware wallet manufacturing company also added:
It is a massive understatement to say we sincerely regret this situation. We take privacy extremely seriously. Avoiding situations like this are a top priority for our entire company, and we have learned valuable lessons from this situation which will make Ledger even more secure.
Ledger says that since July the firm has done “everything possible to make Ledger stronger for the future” and also hired a new Chief Information Security Officer (CISO). The company says that it is “further hardening” its systems and have thoroughly reviewed their data policy. “We executed penetration tests and forensic analysis with external security firms to test these and find any additional vulnerabilities on our e-commerce systems,” Ledger added on Sunday.
while this was reported the founder of one of the largest Decentralized protocol "AAVE" made a post on LinkedIn saying:
"ledger Data Leak is a total failure from ledger. However, imagine how much data is at stake on centralized exchanges and in NEO banks. lesson learned why you should not give data for financial transactions. This is why we DeFi"
The DeFi protocols have proven to be an emerging space with various Other DeFi projects showing strong price movement, setting new higher highs proving more users are now adopting these protocols which involves high risk for high rewards.