URGENT: Ledger Email Breach - 270,000 emails & addresses leaked publicly

Boxmining avatar Boxmining
15.5K views 819

Description

Ledger's eCommerce site was hacked in July of 2020, causing 270,000 customer emails and delivery addresses to be stolen by hackers. FUNDS ARE SAFE. NO cryptocurrency / private keys were leaked. Today ...

AI Analysis

Alright, let's talk about the Ledger email breach. This video is a really urgent heads-up about a data leak from Ledger's e-commerce site back in July 2020, where personal information of 270,000 customers, including their full addresses and phone numbers, was stolen. While your crypto and hardware wallet are completely safe, this leaked data has now gone public, leading to nasty email scams and a whole lot of fear.

Here’s the rundown:

* The Unfortunate Leak Details: The video explains that 270,000 Ledger customers had their emails, full names, home and shipping addresses, and even home phone numbers exposed. On top of that, another 1 million email addresses were also leaked. This is a massive issue, and the presenter feels it's "horrific," especially the home addresses.
* When It Happened vs. When It Went Public: This wasn't a fresh hack; the breach itself occurred way back in July 2020. However, the truly scary part is that the stolen information, which was previously only circulating within hacker groups, became completely public today, meaning anyone can access it. The presenter expresses frustration, noting how "disastrous" it is that this sensitive data is now so widely accessible.
* Ledger's Understated Problem: Ledger initially downplayed the severity, claiming only 9,500 customers were affected. However, it turns out the actual number is a staggering 270,000. The presenter can't hide their anger, stating, "Holy crap! I cannot describe how angry I feel about this," and questions why this information wasn't better secured or deleted.
Crucial: Your Crypto Is SAFE! This is the most important takeaway! The hack did not* compromise your crypto wallet, private keys, or the Ledger device itself. Your cryptocurrency is as safe as it ever was. Scammers are trying to exploit the fear by sending fake emails claiming your crypto assets are compromised, but this is a lie designed to trick you.
DO NOT Click on Links! This is a critical warning. Scammers are sending very official-looking fake emails that mimic Ledger communications, often trying to get you to click on links to download "updated" Ledger Live software. These are phishing attempts that could lead to viruses or further breaches. Avoid clicking any* links from suspicious emails or even random files shared on platforms like Telegram, as they could contain malware. The presenter stresses that it's easy to get "screwed even further" if you're not careful.
* Checking If You're Affected (Safely): The only reputable website to check if your email was part of this or any other data breach is `haveibeenpwned.com`. Just enter your email address there. The presenter strongly advises against using any new, unofficial sites like `haveibeenpwnedbyledger.com`, as these could be collecting your IP address and email for malicious purposes.
* Dealing with Extortion Attempts: Some affected individuals are receiving direct threats via email, where hackers list their leaked home address to scare them into paying. If you receive such a threat, do NOT pay! Contact local law enforcement immediately. Paying will only confirm you're a potential victim and could lead to more extortion. This is a "complete BS" situation that needs police involvement.
* Essential Security Measures:
* Stay Calm, Don't Panic: Rash decisions can lead to mistakes. Take your time to implement security improvements.
Double-Check Addresses: If sending cryptocurrency, always manually verify the entire* recipient address, especially if you suspect your computer might have a virus that could swap addresses.
* Use a VPN: A Virtual Private Network hides your IP address and location, adding a layer of privacy while browsing. NordVPN and VPN.ac are mentioned as good options.
* Activate Antivirus: Ensure your antivirus software (like Windows Defender for Windows users) is turned on and up-to-date. Regularly scan your system for viruses.
Implement Robust 2FA (Two-Factor Authentication): For all your cryptocurrency exchanges and email accounts, switch to Google Authenticator (TOTP) or a physical security key for 2FA. Avoid SMS-based 2FA*, as hackers can perform "SIM swap" attacks by tricking your phone company into giving them control of your phone number.
* Consider a YubiKey: A physical security key like a YubiKey (around $29) adds an incredibly strong layer of protection. You physically tap or press it to authorize logins or transactions, making it "literally impossible" for hackers to access your accounts even if they have your password and email.
* The Presenter's Ongoing Frustration: The video ends with the presenter still feeling "really angry and pissed off" about the hack, emphasizing the severity and the need for everyone to boost their security. They spent a lot of time today improving their own security and wanted to share these critical steps immediately.

Transcript

All right, guys, I really hate making this video, but I think I need to rush this to help a lot of people who are really stuck in this unfortunate situation. So let's get to it. A database containing personal information of over 270,000 Ledger customers. So this is with the Ledger Hardwork wallet has been released today to public. All right. So this is actually pretty disastrous. And a lot of people were concerned. In fact, when I saw this news, I was like kind of shocked at first, then filled ...