The cryptocurrency hardware wallet firm Ledger was hacked last June and over a million emails were exposed, according to reports from the company at the time. Months later, the hackers who obtained the Ledger data emailed clients, sent texts to customers, and created phishing links for users to enter their seeds. One customer allegedly lost $50k and during the last week, the company has been getting inundated with complaints on social media.
Last Summer’s Ledger Wallet Data Breach Leads to Phishing Scams
The Ledger hackers who obtained roughly a million customer emails and possibly other data, have been harassing customers and allegedly stealing their money. On July 29, 2020, the French bitcoin hardware wallet manufacturer explained that hackers compromised about one million customer email addresses.
Additionally, around 9,500 customers had other information exposed including names, shipping addresses, and phone numbers. Ledger detailed that it recommended customers “exercise caution” and “always be mindful of phishing attempts by malicious scammers.” The company report also wrote in bold lettering that Ledger “will never ask you for the 24 words of your recovery phrase.”
Meanwhile, as time passed, customers have been getting phishing emails from hackers and allegedly a few people have lost their precious cryptocurrencies. For instance, the popular bitcoiner Brad Mills told his 19,000 Twitter followers about a person who ostensibly lost $50k in crypto.
“Hey Ledger you need to keep sending phishing warnings to all of your customers,” Mills tweeted. “People are losing their savings because of the hack. Get in front of it, continually send out purposeful emails to your customers *just* about the hack. Be a good steward. You need to do better,” Mills added.
Claims of Lost Funds and SMS Text Messages
Another user on Twitter said he was quitting crypto after getting his wallet emptied. “No way,” he wrote. “My Ledger wallet got emptied after I followed the instructions in the phishing email thinking it was the real Ledger, I can’t believe I fell for it. I’m done with crypto.”
Then another user said: “A good chunk of my bitcoin is gone through the Ledger phishing scam. Seriously. Someone I love had access to the seed phrase, got the text warning that our wallet was hacked and to enter seed to recover…, and entered the seed + passphrase. RIP.”
Many users have said the situation has been happening for months, but no one is certain to what extent. Last month, someone posted to the Reddit community dedicated to Ledger products and told people to file a complaint to their local Data Protection Authority (DPA). The post had a number of customers who said they were getting SMS text messages.
“This is getting bad,” one Redditor wrote. “I’m getting threats through SMS with all personal info. Not good. On the same thread another Redditor said:
Ledger Hackers Pretend to be Trezor
There are many social media posts about the Ledger situation from customers complaining. A variety of them have said they received an email or some kind of communication that tells the customer their funds may be compromised and the scammers act like the official company. The popular bitcoin evangelist Andreas Antonopoulos tweeted about the situation on Saturday, and said the hackers were also using Trezor’s brand name.
“PSA,” Antonopoulos said. “The Ledger database hackers are now trying a phishing attack mentioning TREZ0R (misspelled with a zero): ‘Your TREZ0R Wallet has been deactivated. You are required to pass verification due to the new KYC regulations: ’” Antonopoulos added.
“To be clear, this new phishing attack seems to originate from the same database that was stolen from Ledger,” Antonopoulos further tweeted. “The same (fake) name and number appears for me. It seems to be unrelated to Trezor, other than the attackers using that name in their new phishing campaign.”