Pages:
Author

Topic: Ledger 1 Mln Users Data Under Attack - page 4. (Read 722 times)

legendary
Activity: 4326
Merit: 8950
'The right to privacy matters'
July 29, 2020, 07:42:03 PM
#14
Now we're going to hear news that people getting robbed and threatened to hand their ledger and the keys.  Sad

You think that someone will break into your house and attack you because they know you bought a ledger? Most of ledger users have more valuable stuff in their houses than on their wallets. How are you going to know if:

The buyer bought it for themselves and not to give away or sell?
The buyer holds a lot of coins?

You could end up breaking into someone's home and risking getting shot or stabbed to learn that they sold it, gave it to a friend or have just $1000 or something like that in cryptocurrencies. The wedding rings most people have on their fingers all the time can be worth more than that.

I have a ledger and it wasn't bought on their site so I don't care.


You make a very good point here which is being missed by most posters.

To bring up a similar case of compromised email. Bitmain was hacked and thousands of customers emails home addresses and gear purchased was leaked.

I purchased 100 plus pieces of bitmain gear. Does that hack mean many people will come to my home?
Not likely.   But if I owned a ledger I would not have all my coins on it any more.
hero member
Activity: 2184
Merit: 531
July 29, 2020, 07:10:48 PM
#13
Now we're going to hear news that people getting robbed and threatened to hand their ledger and the keys.  Sad

You think that someone will break into your house and attack you because they know you bought a ledger? Most of ledger users have more valuable stuff in their houses than on their wallets. How are you going to know if:

The buyer bought it for themselves and not to give away or sell?
The buyer holds a lot of coins?

You could end up breaking into someone's home and risking getting shot or stabbed to learn that they sold it, gave it to a friend or have just $1000 or something like that in cryptocurrencies. The wedding rings most people have on their fingers all the time can be worth more than that.

I have a ledger and it wasn't bought on their site so I don't care.
legendary
Activity: 3122
Merit: 1492
July 29, 2020, 06:51:31 PM
#12
if your email is leaked, expected to see alot of spam investment offer on your inbox  Grin

Also, assume that your name, phone no. and postal address information to be somewhere in the darknet together with 999,999 other names and other information hehehe.

The hackers should create a darknet public contacts list similar to a phonebook hehe.

legendary
Activity: 2576
Merit: 1043
Little_Mouse Campaign Management | OrangeFren.com
July 29, 2020, 06:42:01 PM
#11
~
So you are saying that whenever you use a hardware wallet, your Bitcoins are now being put in a centralized entity like the Ledger owner??

The fact that you have your own keys is a proof that what you are saying is nothing close to the topic being shared here. Its just the personal information that is being leaked and nothing related to the holdings of investors, private keys etc.

The only problem with this is when these hackers will send some phishing links to different emails then that is the time when they will be hacked if they fall to these traps.
jr. member
Activity: 62
Merit: 4
July 29, 2020, 05:54:09 PM
#10
Now we're going to hear news that people getting robbed and threatened to hand their ledger and the keys.  Sad
legendary
Activity: 1232
Merit: 1255
July 29, 2020, 05:40:06 PM
#9
If you haven't received another mail until 5 pm CET today, at least you don't belong to the 9500 customers whose personal informations have been leaked.
This was announced by the official Ledger Twitter account today.

source

There is now also a FAQ section on the website: https://support.ledger.com/hc/en-us/articles/360015559320?s=09
copper member
Activity: 246
Merit: 7
buy bitcoin, hodl bitcoin
July 29, 2020, 04:38:26 PM
#8
if your email is leaked, expected to see alot of spam investment offer on your inbox  Grin
legendary
Activity: 2716
Merit: 1225
Once a man, twice a child!
July 29, 2020, 02:21:21 PM
#7
From all indications what this hack has proved is that no system made by man is fool proof. If man makes it, man can also break it. Before now a lot of people were up defending Ledger as the best hardware crypto wallet and the best thing to have happened to man after the discovery of bread and butter. Now we know that ledger is also vulnerable. However, I sincerely hope its customers are safe with all the leaked addresses and emails. At least, they don't have to be looking at their shoulders to check who is trailing them or not.
legendary
Activity: 1134
Merit: 1599
July 29, 2020, 01:54:02 PM
#6
People have been saying "just buy a hardware wallet" for a long time, but it has always been less than a perfect solution, because some centralization and trust has always been involved, and now it was abused. Now potential burglars and kidnappers have a list of people who own some bitcoins, and something like this will never happen with a software wallet, because it doesn't ask you for your personal information during installation.

IMO and old PC with live OS like Tails is the best cold storage you can get.
I highly doubt all these people have a lot of money stored on their Ledger. As a burglar, choosing someone off this list could be a very big hit or, more likely, a very big miss.

I mean, you could get a Legder from authorized resellers without having to fill any personal detail. This is still an option. The customer leak could happen to any other shop just as easily. There can't really be online shops without trust and centralization.
sr. member
Activity: 1512
Merit: 292
www.cd3d.app
July 29, 2020, 01:22:26 PM
#5
Do not worry !!!   Your BitCoins are absolutely safe, nothing to see here   Grin Grin Grin Grin Grin Grin Grin   Yes, they know EXACTLY what the hackers got, and are being TOTALLY HONEST about it  Cheesy Cheesy Cheesy

Everyone can sleep well and not worry, they will take good care of you !!!

Hard Facts

Is it just me or did you say Ledger is centralised? Do you think anyone would use Ledger wallet if the data of private keys and user access keys were stored on their servers?
Hardware wallets store private keys internally, which eliminates the possibility of users' private keys leaking into the network.

The point is that only you own the keys to your wallet, which means that all that hackers can get is your geo data (if you entered it) and your email.
Those whose data has leaked now should be wary of phishing emails.
member
Activity: 434
Merit: 29
July 29, 2020, 01:03:14 PM
#4
Do not worry !!!   Your BitCoins are absolutely safe, nothing to see here   Grin Grin Grin Grin Grin Grin Grin   Yes, they know EXACTLY what the hackers got, and are being TOTALLY HONEST about it  Cheesy Cheesy Cheesy

Everyone can sleep well and not worry, they will take good care of you !!!

Hard Facts
legendary
Activity: 3038
Merit: 2162
July 29, 2020, 12:25:20 PM
#3
People have been saying "just buy a hardware wallet" for a long time, but it has always been less than a perfect solution, because some centralization and trust has always been involved, and now it was abused. Now potential burglars and kidnappers have a list of people who own some bitcoins, and something like this will never happen with a software wallet, because it doesn't ask you for your personal information during installation.

IMO and old PC with live OS like Tails is the best cold storage you can get.
hero member
Activity: 2814
Merit: 734
Bitcoin is GOD
July 29, 2020, 12:03:52 PM
#2
This is without a doubt very troubling information, even if they are assuring their customers their funds are safe and I think they are right, several attack vectors are now opened, first of all 9500 people are going to at least be exposed as holders of cryptocurrencies and their identities could be stolen and sold on the black market, I wonder why ledger does not delete personal information from their servers after a few weeks or months to limit the scope of a possible data breach like this one.

The second issue is that we are bound to see a bunch of phishing attacks against ledger customers asking for their private keys or their seed words and unfortunately many will fall for it losing a fortune in the process.

And finally the reputation and the sales of ledger will suffer, anyone on the fence thinking about whether they will get a ledger or a trezor will probably prefer to pick a trezor until things calm down.
hero member
Activity: 1708
Merit: 651
SmartFi - EARN, LEND & TRADE
July 29, 2020, 10:52:56 AM
#1
Ledger Hardware Crypto Wallet Team Disclosed Data Breach, 1 Mln Users' Data Under Attack

July 29, 2020, the team behind the Ledger products revealed that a critical vulnerability had been disclosed two weeks ago in the Ledger e-commerce database.
It has mostly affected the email addresses of Ledger purchasers, but it has also affected some personal information.

As announced by the Ledger team in their recent official statement, a participant in the Ledger bounty program contacted them on July 14 with information about a security breach.
It was immediately fixed, but then the experts disclosed that the system had been further exploited on June 25.

A third-party attacker accessed the segments of e-commerce and promotional databases holding the email addresses of customers.
Additionally, 9,500 users were exposed to a leak of order details: name, street address, phone number and the details of what they ordered.

During the investigation, Ledger's officers found out that the malefactor abused the API key. This API key was immediately deactivated and is no longer accessible.



https://cryptocomes.com/news/ledger-hardware-crypto-wallet-team-disclosed-data-breach-1-mln-users-data-under-attack
Pages:
Jump to: