Bitcoin Forum

* Never share the 24 words of your recovery phrase with anyone under any circumstances.
* Never validate a transaction on your Nano if you are not the author of this transaction.
* Ledger can not and will not deactivate your device. Ledger is not in a position to 'block' or 'deactivate' your device. Any request asking you to do this is a scam attempt
* Ledger will never contact you via text messages or phone call.
* Always make sure that you interact through Ledger’s official channels, not the fake ones that might even resemble the real ones, you must be careful.

Authentic Ledger domain names are:
@ledger.fr
@ledger.com
@ledgerwallet.com
@ledger.zendesk.com

For more details and to know about the 'ongoing phishing campaign'
https://www.ledger.com/phishing-campaigns-status

---

Ledger users personal data was compromised in June 2020, and after then as being many reports of phishing attempts and in which many users lost huge amount of bitcoin and other cryptocurrencies.

https://cointelegraph.com/news/ledger-users-threaten-legal-action-after-hacker-dumps-personal-data
According to a tweet from network security firm Hudson Rock's Alon Gal, a hacker allegedly behind the breach of personal data from hardware wallet Ledger in June has made all the information they obtained available online. This reportedly includes 1,075,382 email addresses from users subscribed to the Ledger newsletter, and 272,853 hardware wallet orders with information including email addresses, physical addresses, and phone numbers.

Although, if someone can know about phishing attempts he can be able to avoid being scammed by not

1. Giving out his seed phrase or private key
2. Not clicking on links on the phishing emails and personal messages

But what about peoples personal or home address that is known to public and which hackers can now link to ledger wallet users.

This is why being extra paranoid in terms of privacy/security sure is beneficial in the long term. Things like:

• using different emails for different purposes
• a burner mobile number
• using a PO box or a separate address(if I remember correctly Jameson Lopp actually rented out a different place just for receiving orders)
• etc

might seem to be too "crazy" or "too paranoid" for the typical person, but adversities like this shows how being extra paranoid does help a lot.

It looks like that I am of those compromised data that has been leaked online. Has anyone received a similar email from [1] https://haveibeenpwned.com/?. Though I am certain that nothing will happen on my bitcoin that is stored in their products, still, I am anxious about how can these physical attack be possible? Like seriously? That's a million number of email and other confidential personal information.

https://i.imgur.com/7bm0h2Ul.png

Over-complacency and poor security practices.

---

I cannot wrap my head around why Ledger didn't take appropriate measures and scrub the consumer's database regularly. It would've been one of the basic things that they could've done and would've limited the attack size significantly.

I hope people won't break into homes just to get a Ledger. It'll help if you keep it in a safe or somewhere obscure but it's PIN code should nullify the effectiveness of any physical attacks, barring any zero day exploits on that appearing any time soon.

Ironically, Ledger collects a lot of data of their consumers in order to comply with many different laws and regulations that mainly aimed to protect users privacy. The list of laws they must comply with includes:

https://fra.europa.eu/en/law-reference/act-ndeg78-17-6-january-1978-data-processing-data-files-and-individual-liberties
https://www.cnil.fr/sites/default/files/typo/document/Act78-17VA.pdf
https://www.activemind.legal/legislation/gdpr/
https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX:32002L0058
and others

When you buy a hardware wallet via official Ledger website the following information is collected; it stored for a long time:

- Your name (first name, last name);
- Your e-mail address;
- Your postmail address;
- Your phone number;
- Your physical address and other contact details;
- Your credit card number;
- Your other payment information;
- When you contact customer support, they will record and store their correspondence with you;
- You also may be asked to perform a small KYC procedure when contact customer support;
- Your IP address;
- Your operating system;
- The type of device you use;
- Date and time you visit the website;
- Browsing Data (information about your visit including the URL clickstream to, through and from our website, products you viewed or searched for, download errors, length of visits to certain pages, page interaction)

Source: https://shop.ledger.com/pages/privacy-policy

It is also worth to note that users can (should) request manual deletion of their personal data, but this does not guarantee that the data will be deleted immediately.

In short, if you care about your privacy, you'd better avoid shopping through an official store. This is worse than any KYC on any centralized exchange.

Many people don't have a clue how decentralized wallets works, once you start using them and you are given your recovery seed the wallet developers have no business with users, they have no right or whatsoever, only centralized wallets that requires email and password for login can ask people for KYC...


People need to stop using what they don't fully understand, it's why they are falling for stupid tricks

What's the deal with decentralized/centralized wallet here? Surely you are not suggesting people to stop buying from a website if they require personal details, are you? How can you receive your products then? What mk suggested might work but not everyone can do it either. At least the address part is not as easy as it sounds in my place.

And buy them offline? Sadly not everyone can fly around the world to buy some stuff.

This makes more sense now. The original breach official information talked about 9.500 personal data sets leaked (name, address, phone, etc.), aside from the 1M emails. They were emails to make them aware of these facts.

Nevertheless, the 9.500 figure seemed clearly unaligned with reality, as there were multiple reports stating not having being notified of belonging to the 9.500 set, and yet having being impacted by phising campaigns that addressed them nominally. Quite an appalling show of being unprepared.

So true, I don't even think 5% of crypto/hw users will go through the hassle of traveling to a different country/continent just to get a hardware wallet. We have to take this situation as a 'necessary evil' and hope ledger takes better precautions in protecting users data and being proactive incase of a unforseen breach.
I don't see a problem of understanding here; Are you by any chance pushing for people to store coins on centralized wallets, on such wallets, any breach/hack and you lose your funds, plus there's already the danger of your KYC info being sold on the black market. Having said that, on decentralized wallets like ledger, you the user is in full control and you don't need the devs to have any 'business' whatsoever with you, other than keeping you private info you used upon online purchase secret, and mind you that even if there's a breach in their database your funds are still safe, there's only a danger of a physical attack or if you give out your seed phrase, so I don't get your hype of centralized wallets.

People willing to break in to your house to look for a Ledger aren't going to have three goes at guessing the PIN and then give up and leave empty handed. The concern is with $5 wrench attacks compromising the physical safety of everyone in this database. Everyone involved should set up multiple passphrases if not using them already to give some form of plausible deniability, as well as examining their physical security.

If you can't buy in person, then I think the next easiest option would be as follows:

Create a brand new Amazon account over Tor with a fake name and address and a brand new email address
Buy a hardware wallet using a gift card you have bought with cash or mixed bitcoin
Ship it to an Amazon locker, hub, or pick up point which only requires an email confirmation and not any ID to collect

While not as good as a completely anonymous address or PO Box, it is still a pretty good solution. I've not actually tried this myself though, so I don't know if Amazon would throw any spanners in the works. You could also replace Amazon with any other company which would ship to a pick up point or similar. The further away the pick up point from your real address, the better.

Or just scrap hardware wallets altogether and create an airgapped wallet from an old laptop or a Raspberry Pi.

This is probably the safest way to receive goods which demand our privacy but not many countries do have a PO Box for the common public. In such a case, we need to find help from someone who doesn't really know much about bitcoin and we need to ship to their address who can collect it on our behalf and whom we really trust. Atleast this is what I do to hide my real identity from the bitcoin world while receiving bitcoin products and stuffs. I even had a anonymous pickup point which I have been using it for 2 years but for safety purposes I have stopped using them as well in recent months.

On top of that to be on the safer side I never did KYC in any of the exchanges so far. All in all whenever I am in need of selling my bitcoin for fiat (which is a very rare case) I use a trusted known person who can help me in withdrawing fiat by selling through their account.

The most worrisome thing is that people's physical addresses and phone numbers has been exposed on darkweb hence several people could be in physical danger. Imagine people breaking into your house and threaten the hell out of you to give your recovery phrase or better yet beat it out of you or even harm your family. This was really unprofessional and careless act from Ledger.

Data security has always been their most promised point and now they can't even ensure that, rather being careless and not being transparent early enough until this happen.

Now people really need to be very careful and tighten their security and ensure to not fall for phishing emails, text and calls. Ledger has some serious damage control to do

This is where adding a temporary PIN code (https://support.ledger.com/hc/en-us/articles/115005214529-Advanced-passphrase-security) to your Ledger helps a lot. Transfer all your funds except $50-100 to a temporary PIN and if such an attack ever happens, you could get away with a loss of only $50-100 while the remaining majority of your funds will be safe. The thief will think you've given him everything you had, without knowing you also have a hidden account containing the actual portfolio.

To learn more about how a secondary password helps, check out the following link: https://www.ledger.com/academy/passphrase-an-advanced-security-feature

The question is should we follow the security tips from the Ledger company that allowed such a data leak? It seems to me they have no idea how to hide something sensitive and important. The leak of that data may result not only in a loss of funds but also in a loss of someone's lives, which is obviously more important than bitcoins stored on Ledger hardware wallets.

In my opinion, plausible deniability in such a case won't help since attackers are usually well aware of any tricks that one may come up with a Ledger hardware wallet. You don't think they'll leave you alone after taking your $100, do you? Personally, I doubt it.

It is better to get rid of your Ledger altogether and try to persuade attackers you had sold all stupid bitcoins and stupid hardware wallets because it was dangerous to deal with those after a leak happened. Otherwise, once you show you still have it, you are most likely done.

I received and found these lists, I found more than 15 people just from my city. I do not know what to do, everything is there, addresses, phone numbers, mail. Advise what to do?

I wouldn't just blindly listen to security tips from literally anyone. But plausible deniability through a PIN/passphrase? It's not like it's a thing that only Ledger has and recommends.


The plausible deniability route is far more convincing that simply saying that you lost literally all your bitcoin to be honest. And it's more likely for them to not leave you alone if you left them with $100nothing.

And sure, there's a decent chance that the thief might know about the temporary PIN trick, but it's at least worth trying to pull it off.

This made me want to check out Trezor's privacy policy, and it turns out they delete order data after 90 days at most. It still comes down to trusting a third party to handle your data correctly, or to even do what they claim they'll do, but at least they're a lot less vague with how long they keep your data:

Trezor:


Ledger:


This probably goes without saying, but maybe the best advice to give at this point would be to stay away from Ledger completely. I wouldn't even trust Trezor to be honest, but it's up to the individual to weigh the risk of letting others handle their information.

Quite unfortunate to encounter such an incident but we must know that nothing is safe on the internet.
I came to know about the Ledger Nano data leak yesterday and today I read it on Cointelegraph.

People have already started getting threatening emails and virtual attacks inlcuding
- Threatening Home invasions demanding payment of $500 (Since addresses were leaked)
- Phishing attacks (Since the email was leaked)
- Sim swapping attacks (Since phone numbers were leaked)

Just imagine how afraid these users would be who got the threatening home invasion mails.
There's pretty much nothing we can do about it  :-[

Source : https://cointelegraph.com/news/doxxed-ledger-users-in-danger-of-physical-harm

This is the reason why most people in this crypto space care so much about their privacy and identity. It's not completely safe when we entrust important identities and data to online sites. Scammers stalk crypto users at all costs, so we had to be vigilant and take various precaution. Of course, it is the responsibility of every user to always maintain their security and privacy online. Something that is considered safe may not be completely safe if we cannot control it ourselves.

I don't know about others but to me, this is way too much information for a third party site. You don't give off all this much private details just to a third party site just to ensure to protect your privacy. Compliance with these needed information had very much made your data go public already. You don't know the person at the other end and in cases as these. In issues of privacy data, the less known to the third party, the more safe you are.

Ledger really need to look into there terms of service because it's really compromising a lot. Having a users private details like home address could lead to blackmailing and other crimes especially with the fact that, a user's wallet address could be scanned to know its content. It's not a fair way to operate.

You do realize that they really need to have your personal information(including your home address) for them to be able to ship out the purchased products to you, right?

The leak doesn't have anything to do with additional security features their products have. If you're paranoid about their temporary PINs, then there are so many other things you should worry about as well - ending up not owning any hardware at all. They might've had shitty database protection, but their products have been long tested. Still unsure what their Secure Element does though - that is a big question mark for me as well, and it makes me kinda paranoid about its existence.

Well, if that's the case then they may also not leave you alone even after giving the temporary password. Luck matters here too. If they're ready to take everything from you and leave you without life afterwards, then no matter what you do you'll still have to face death.

Quite sure negotiation isn't an option when an attacker is inside your home. You either show it or you don't, they don't have time for stories.

Then one could set up multiple temporary PINs - one for cases such as hostage and torture, one for the actual portfolio you own. If someone ever attacks you, show them the main password. If they keep insisting to give away a temporary password as well, give them the one ready specifically for this purpose.

I'm not sure if this has been posted elsewhere on Bitcointalk, but I came across this on reddit:

https://www.reddit.com/r/ledgerwalletleak/comments/ki1nsz/received_phone_call_threatening_kidnapping_and/

Basically a leak victim being threatened with violence. Yikes. If you personally had your info leaked, you may want to drop by there; they seem to trying to organize a class action lawsuit.

One more reason to avoid 3rd parties at any cost. It's completely sick to see how Ledger handled this. Collecting so much data and storing it instead of deleting it immediately (which would be risk enough) they are storing it insecurely. Insane.
I would imagine that they know, as leading hardware wallet manufacturer, that they are increasily targeted by hackers, especially when Bitcoin gets more famous.

So now, we have local criminals using stolen addresses of crypto owners, criminals who know exactly that these people are likely holding crypto and where they live. Good riddance.

https://i.imgur.com/4Yed1QE.png
https://xkcd.com/538/

Luckily I haven't bought one and I will more than ever avoid to buy one and sending them my personal data. Their devices are a good solution, yes, but I see too many downsides compared to using my personaly paper wallets.
And some sort of downplaying the issue by trying to cover it up is even more insane. Maybe they didn't know how many users were hacked, it's really hard to tell...


That's insanely irresponsible...

The ledger data breach that led to 1,075,382 emails addresses of users that subscribed to Ledger newsletter being compromised, including 272,853 hardware wallet orders which led to email addresses, physical addresses and phone numbers being compromised also. There has being some ledger users commenting about physical attack that could result. According to today's news, this are recent things that have happened:

Normally, the phising attempts is clear in a way that phishing messages are sent to ledger wallet owners but recently this is possibly leading to sim swap attack and physical threat.

If you were one of those whose information was compromised in the "July website database breach," you would have received an official email coming from Ledger itself, noreply@ledger.com, informing you that "Your personal information has been exposed." I got mine a couple of days ago.

I don't think haveibeenpwned.com is officially tasked by Ledger to send information about the breach. If your account is somehow pawned as indicated in the notification, it may not refer to the Ledger breach.

I've scanned my inbox a few more times but I didn't receive any email from Ledger itself, only haveibeenpwned.com who notifies me about the current incident. Though it maybe comforting, still, we can't deny the fact the Ledger's database has been leaked  ::)..

https://i.imgur.com/etTJgjol.png

This their heading followed by numerous link that I also don't bother to click anyways. With the being said, I have learned an important lesson that these incident will happen regardless of how reputable the company is..