Hackers have infiltrated Global-e’s systems, and some Ledger customers are now at risk of receiving highly convincing scam emails.
Ledger has alerted some customers of a possible personal data breach due to a cyberattack on its partner, the payment service Global-e, which processes orders on Ledger.com. However, the company maintains that Ledger’s infrastructure was not affected and that its hardware and software products remain secure.
The company explains that the incident affected customers who made purchases on Ledger.com through Global-e, which acted as the Merchant of Record (MOR) , or legal and payment intermediary, in the transaction. Ledger emphasizes that this was not a cyberattack on its network, but rather a compromise of data stored by a third-party order processor.
According to Ledger, the attackers gained access to order information stored in Global-e’s systems. This could have led to the disclosure of buyers’ names and contact information. However, Ledger maintains that no financial information was leaked.
The situation became public knowledge after researcher ZachXBT issued a community alert and shared an email notification about the incident. It’s important to note that this notification was sent to Global-e, not Ledger.
Global-e processes payments and orders for numerous online stores and brands. The platform handles tax calculations, localization, and compliance checks, so it stores order data. Global-e’s clients include adidas, Disney, Hugo Boss, Ralph Lauren, Michael Kors, and Netflix.
Ledger specifically emphasizes what attackers cannot access. Neither Global-e nor Ledger itself stores or accesses the 24-word seed phrase that opens the wallet , nor do they have access to the blockchain balance or other secrets associated with digital assets. This means that a hack does not automatically result in the loss of cryptocurrency unless the user voluntarily discloses key information to attackers.
However, the company warns against another scenario. After obtaining customers’ names and contact information, attackers could attempt to lure users to phishing pages under the guise of support or official notifications, tricking them into revealing their seed phrase or passphrase. Ledger urges users to remain vigilant, not to share their 24-word passwords , and, where possible, to confirm transactions to ensure they understand exactly what they are signing.
Global-e reported that after detecting suspicious activity in its cloud environment, it quickly isolated and secured the affected systems. The company maintains that no payment data or account credentials were compromised. Global-e is currently directly notifying potentially affected users and the relevant regulatory authorities.
Ledger emphasizes that affected users will receive a separate message from Global-e with details on the impact of the incident . For further information, the company recommends contacting Global-e, as the breach occurred on the payment partner’s side.
Follow us on Google News to receive daily updates on cybersecurity. Contact us if you would like to report news, insights or content for publication.
