Security alert: Ledger users receive scam letters for urgent quantum resistance update

According to new reports, scammers have resorted to physical mail to defraud Ledger wallet hardware users, sending threatening letters that prey on fears of quantum computing

Reports allege that victims have been receiving professionally printed letters from what appears to be Ledger, requesting a Quantum Resistance Security Update for the Ledger device they possess.

These letters contain QR code links that are meant to take them to phishing sites where their 24-word seed phrase will be captured.

Ledger users fall into quantum threat trap

According to reports, several people have reported instances of the scam on X in the past few days. According to reports, the letter mentions the correct model number and order history of the product in line with Ledger’s protocols.

Scam reports first came to light in late April 2026, and it was tied to data that could only be obtained from the 2020 data breach. During this time, Ledger suffered a major data leak, and hackers got away with the names, addresses, and phone numbers of thousands of customers.

Thanks @Ledger for sending me this letter about the quantum resistance upgrade! Can’t wait to scan the QR code and get rekt pic.twitter.com/QYnqKNhVrB

— IrishBitcoinBro ᴳᴹ ☀️ ᴵᴿᴮ 🇮🇪🫡 (@IrishBitcoinBro) May 6, 2026

One such user, “@IrishBitcoinBro,” took a picture of the mail and posted it on May 6, along with some sarcasm toward Ledger and a warning to others about the QR code.

The company acknowledged the matter and assured everyone that it had a strict policy: “Ledger will never call, DM, or ask for your 24-word recovery phrase.”

The CTO of Ledger, Charles Guillemet, has detailed the practical impacts of post-quantum computing on crypto security, stressing that while ECC is not currently at risk, it is essential to prepare now.

As Guillemet outlined, security on blockchain relies extensively on ECC for public and private keys. If quantum computing has advanced enough, the application of Shor’s algorithm would enable cybercriminals to calculate private keys from publicly revealed public keys

Ledger’s CTO urges proactive preparation for quantum computers that could break ECC. Source: X

This is because public keys are exposed each time money is transacted, in Bitcoin’s initial outputs, and when addresses are reused. Guillemet emphasized that security in blockchains should not depend on hiding them, ruling out any “wait-and-see” policy.

In response to user concerns, Ledger states that it is closely tracking developments and collaborating with the blockchain community to develop quantum-resistant solutions.

Ledger guides its customers towards pertinent information on such hacks. However, the team cannot promise an immediate delivery of firmware upgrades through mail.

Quantum threat set to affect BTC and ETH as early as 2030

According to a recent study by the quantum security firm Project Eleven, there may be a real vulnerability in cryptocurrencies like Bitcoin and Ethereum before 2030.

Researchers have identified the existence of a “cryptographically relevant quantum computer” (CRQC). The finding implies that CRQC is more likely to emerge by 2033 and may even arise as soon as 2030.

As reported by Cryptopolitan, the threat lies in Shor’s algorithm, which allows quantum computers to effectively compute the elliptic curve discrete logarithm for ECDSA signatures used by Bitcoin and Ethereum

The recent breakthrough includes a study conducted by Google in March 2026, which significantly reduced resource requirements. According to the study, cracking Bitcoin’s cryptographic security could be possible using about 1,200 logical qubits in less than 90 minutes on superconducting hardware.

According to Project Eleven’s study, there is a high risk of exposure: around 6.9 million BTC (roughly one-third of the total) are stored in addresses whose public keys are exposed and thus susceptible to “harvest now, decrypt later” attacks

For Ethereum, more than 65% of ETH tokens are in such addresses. The funds could be irrecoverably lost once decrypted by a quantum computer, since the blockchain system is immutable.

The smartest crypto minds already read our newsletter. Want in? Join them.