Ledger Customer Data Breach via Third-Party Payment Processor Global-e

The crypto wallet manufacturer Ledger has experienced a data breach through its third-party payment processor, Global-e. According to an email from Global-e, shared by researcher ZachXBT on X, unauthorized access to personal data occurred, including user names. The exact date of the breach and the number of affected customers remain undisclosed. The breach is limited to data handled by Global-e and does not affect Ledger wallet funds or private keys. This incident underscores the risks associated with third-party vendors and the importance of supply chain security. For cybersecurity professionals, it highlights the need for robust data protection measures and regular audits of third-party vendors. Customers should be vigilant for phishing attempts and monitor their personal information for signs of identity theft. Companies should review their third-party vendor security policies and ensure adequate safeguards are in place.