Greetings!This thread is simply to inform members of the crypto space of a newly surfaced data breach which has widespread implications across this community. Many people on here are users of hardware wallets such as Ledger/Trezor/Keepkey, seeing them as safer alternatives to traditional software wallets, however as this leak goes to show, there should never be any point within the chain of acquisition that you let your guard down and avoid actively taking measures to ensure your financial safety.
So what actually happened?Many months before the initial release of the database to the public, the ledger database was breached by an unknown entity, the database spent a good amount of time in limbo, trading hands a couple of times, being sold for the nearly unfathomable but still justified amount of
BTC20. On
20th December, 2020 the database was dumped publicly on a forum which I will not be naming, the breach contains just over
270,000 user records of people who have purchased products from the ledger website. The leak includes a lot of extremely sensitive data that the publication of could lead to excessive financial damage to those involved. Some events that have already taken place from this database leak are sim swapping attempts, phishing emails & phishing phone calls, and even threats of physical harm.
This is all the info that was compromised:
email | real name | physical order address | country | phone number
This is just the info in the buyer's info dump, the dump also contains up to 1,000,000 emails of people who were subscribed to the ledger cryptocurrency newsletter, however this data leak is far less significant as less people will be trying to saturate this list for their own gain, as the chances of finding a significant amount of wealth from anyone in the secondary list is far less than the primary one, which will be saturated to shit over the coming months.
How can I check if my info was leaked?For the safety of the other forum members here who have themselves purchased ledger products and been impacted by the recklessness of this company, I will
NOT be linking the database leak anywhere on this thread, nor will I be privately messaging people with the info. The database is not hard to find for yourself if you do your own independent research, however this will only be required if you want to see exactly what information was leaked to begin with.
If you only want to check if your info was included in this leak, and not what specifically was leaked, a good avenue to take is to use the "HaveIBeenPwned" website, which has just recently published the ledger data dump. This website will only tell you if you are in a database leak, it will not tell you the exact data that has been published.
https://haveibeenpwned.com/I was in the leak, what can I expect in the coming months?If you are one of the people unfortunate enough to be covered in this datadump, I would spend a lot of time over the next couple of months preparing for a metric shit ton of phishing emails and scam phone calls, there will be active attempts by hundreds of people to steal your data and steal your crypto, you should be constantly vigilant about any calls or emails you receive regarding any type of cryptocurrency product.
Another avenue to take if you are in a region that is impacted by the following is to change your phone number, or to remove any phone number based 2FA codes from any crypto exchange or financial custody service (such as binance). One thing that this leak will most definitely lead to is increased attempts at simswapping (
https://bitcointalk.org/index.php?topic=5172591). Since phone numbers were part of this leak, if you have significant holdings you can definitely expect to have at least one attempt of simming to impact you, which has a good chance to compromise very sensitive accounts.
I was in the leak, what can I do to mitigate the damage?Unfortunately, due to the nature of the leak and ledger's irresponsibility in not disclosing the full extent of the data leak sooner, there isn't much that can be done, people have been abusing this database to target people in the crypto community for many months now, and since the database has now been made public, this can only be expected to increase exponentially in it's frequency.
First steps that you can begin taking to ensure you aren't one of the people that is caught off guard by this leak is to start by
changing the email and passwords on all of your important accounts. The next logical step would be to
disconnect your phone number and acquire a new number to mitigate the risk of being simswapped or having SMS phishing codes sent to you. The final thing that you can do is be exceptionally cautious with how you present your crypto holdings in public avenues, if you have previous posts under the same alias or email that was present in the ledger database, delete all posts that indicate your holdings or wealth, discussing how much money you have in crypto online following this leak is essentially the equivalent of painting a bright red fluorescent target on your back with bolded text saying "ROB ME!" painted above it.
Appendixhttps://cointelegraph.com/news/ledger-data-leak-a-simple-mistake-exposed-270k-crypto-wallet-buyershttps://www.investopedia.com/hackers-leak-customer-info-from-crypto-wallet-ledger-5093577https://cryptonews.com/news/ledger-database-dump-was-my-data-leaked-and-what-to-do-next-8680.htmhttps://cryptobriefing.com/ledger-breach-clients-data-leaked/
