Connect with us

Hacker claims to own Ledger and Trezor databases


Hacker claims to own Ledger and Trezor databases

According to the cybersecurity firm Under the Breach, a hacker would seek to sell information on the customers coming from famous manufacturers of hardware wallets such as Ledger, Trezor and KeepKey.

A real data leak?

In his publication, the hacker claims to have the names, addresses, emails and telephone numbers of users. However, according to his words, he would not have passwords :

Ledger Trezor database hack

Screenshot of the hacker publication – Source: Under the Breach

In total, it would be close to 66,700 users who would have been affected by this data leak. According to Under the Breach, the hacker would have achieved this result by exploiting a flaw in the e-commerce platform Shopify.

Faced with these truly disturbing allegations, the companies concerned quickly reacted on Twitter. Ledger notably claimed that the hacked database would have no correspondence with their real database:

There are rumors that our Shopify database has been hacked due to the exploitation of a Shopify vulnerability. Our e-commerce team is currently verifying these allegations by analyzing the so-called hacked database, and so far it does not correspond to our real database. We are continuing the investigations and are taking the matter seriously.

For its part, Trezor claims that its online store does not use Shopify and that therefore the exploitation of said flaw would not affect it:

Rumors are spreading that our e-shop database has been hacked by exploiting a flaw in Shopify. Our eShop does not use Shopify, but we are nevertheless investigating the situation. We have also systematically purged old client files from the database in order to minimize any impact.

At the time of this writing, ShapeShift, the company that owns KeepKey, did not comment on the hacker’s claims.

👉 On the same theme: 1.4 million GateHub accounts leaked

Other platforms and companies involved

In addition to the probable leak of this data, the hacker would also have in his possession information from users of other platforms.

Indeed, according to another screenshot shared by Under the Breach, the hacker is allegedly the same person as the one who attacked the forum in 2016.

Among many other platforms, we would also find user data from:

  • BnkToTheFuture – 34,500 users: a platform for investing in FinTech, blockchain and crypto companies
  • Bitbond – 27,400 users : a platform specializing in the issue, settlement and custody of bonds using the blockchain
  • Augur – 3,900 users : a decentralized network allowing online bets with cryptocurrencies
  • Korbit – 4,500 users : a South Korean exchange

Although the hacker’s allegations seem particularly disturbing, the veracity of his words has not yet been verified. In doubt, don’t hesitate to change your password on the aforementioned platforms even if the hacker specifies not to hold it.

To follow the progress of the data leak, we will keep you informed on Twitter, @cryptoastblog.

👉 To read on the same subject: DeFi: hackers exploit a vulnerability of dForce and drain $ 25M

Newsletter 🍞

Receive a summary of crypto news every Sunday 👌 And that’s it.

About the Author : Clement Wardzala


Since 2017, I have been interested in Bitcoin, cryptocurrencies and associated blockchain technology. I firmly believe in these technological innovations and that they are already revolutionizing many sectors.
All articles by Clément Wardzala.

From Clément Wardzala: Source link

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

More in News

Top Crypto in Real Time


Clothing and Derivatives

To Top