Ledger Customers’ Data Exposed in Global-e Breach

2026-01-06 18:06:07

A Global-e cloud breach exposed Ledger customer names and contact details, but no wallets, keys or funds were compromised.
Ledger said only buyers using Global-e were affected and confirmed hardware, software and crypto balances remain secure.
Leaked data may fuel phishing attacks, a major crypto theft vector that cost users about $84M in scams during 2025.

Ledger, the crypto hardware wallet provider, suffered a customer data breach via payment processor Global-e. The incident exposed personal information, including names and contact details. Global-e detected unusual activity in its cloud systems, contained the breach, and launched an investigation with external forensic experts, according to an email sent to affected customers on Monday.

Details of the Breach and Ledger’s Response

Global-e confirmed that unauthorized access occurred on a cloud-based system storing order data from several brands. Ledger clarified only customers who purchased through Global-e as the Merchant of Record were potentially affected.

The company emphasized that its hardware, software, and wallets were not compromised. No payment information, seed phrases, private keys, or crypto balances were exposed, a Ledger spokesperson told reporters.

Ledger’s past data security issues heighten concerns over recurring breaches. In 2020, its e-commerce and marketing databases were hacked, affecting approximately 272,000 customers. Later that year, a Shopify employee leaked data of around 292,000 users. These incidents included addresses, phone numbers, and email addresses, raising risks of phishing and “wrench attacks,” where criminals target crypto holders physically.

Phishing Risks and Security Implications

The current breach is particularly concerning for the crypto community. Leaked contact information provides resources for phishing attacks, which remain a major source of crypto theft.

ScamSniffer reported that in 2025, scammers stole nearly $84 million through phishing campaigns using fake emails, texts, and calls. Analysts warn that breaches like Global-e’s could increase attempts to trick users into revealing sensitive information or transferring crypto assets.

Broader Context and Previous Threats

Ledger co-founder David Balland was a victim of a wrench attack in 2025, where criminals kidnapped him and his wife in France. The assailants attempted ransom payments and severed one of Balland’s fingers.

Authorities later arrested suspects linked to this and other similar cases. While Ledger’s wallets remain secure, the recurring breaches underscore the vulnerability of customer data managed by third-party partners.

Ledger continues to investigate alongside Global-e to assess the scope of the leak. Customers are advised to remain vigilant against potential phishing attempts and verify communications before responding.

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.