Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Futures Kickoff
Get prepared for your futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to experience risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Launchpad
Be early to the next big token project
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
## Ledger Encounters Data Leak Issue via Payment Provider
Recently, Ledger announced to users that their personal information had been accessed unlawfully through Global-e, a third-party payment processor. This incident has once again raised concerns about data security in the hardware wallet industry.
### System Vulnerability Detected and Rapid Response
Global-e identified unusual activity within its cloud infrastructure. They quickly locked down the entire system and contacted independent legal experts to conduct an investigation. According to reports, the compromised data included customer names and personal contact information. However, Ledger has kept details about the scope of the incident and how the attack occurred confidential.
### The Danger of Personal Information
Although private keys, seed phrases, and users' crypto assets remain secure, the exposure of names and contact information creates another serious threat: phishing attacks. Personal information can be used to persuade users to reveal additional sensitive data or to deliver malicious code.
This is not the first time Ledger has faced a similar issue. In June 2020, a third-party API flaw allowed hackers to access the company's database. That incident exposed approximately 9,500 customer records, including emails, addresses, phone numbers, and names. Subsequently, phishing attackers exploited this information to target dApps like SushiSwap and Zapper, stealing between $484,000 and $600,000 USD in crypto within a few hours.
### Dependence on Third-Party Providers
Ledger relies on external service providers like Global-e to handle payments and manage customer lists. Every new partnership introduces additional risks. This supply chain creates potential security vulnerabilities despite protective measures in place.
### Community Warnings
ZachXBT, a well-known blockchain analyst, previously posted about this incident on X (, formerly Twitter). He warned the community that "no hardware wallet company is completely trustworthy." His recommendation is to use fake information or virtual emails when shopping to minimize the risk of linking personal data with actual crypto assets. What is transformation? In security context, it refers to the ability to convert or conceal identity to protect privacy.
### Lessons from the Incident
The data leak from Global-e serves as a reminder that the security of a hardware wallet is only part of the story. While crypto keys are well protected, users' personal information can still become targets for attackers. In this environment, vigilance and additional protective measures are essential to ensure safety in an increasingly complex crypto world.