Ledger Data Breach: CryptoCurrency Survival Guide

Check here to see if your personal information was leaked in this attack: https://ledgerhack.anchainai.com/

This article may save your crypto assets if you are impacted (very likely!) by the Ledger data breach!


Breaking news as of December 2020: Ledger, a popular cryptocurrency hardware wallet maker, had its eCommerce database hacked in June of 2020. We are now seeing massive leaks of customer personal information, including over 1 million emails and 272,000+ detailed personal records containing shipping addresses for hardware wallets, as well as names and phone numbers associated with accounts.



Sample records from Ledger data breach: US Department of Justice, Homeland Security, Brazil and Singapore government, JP Morgan Chase bank, UC Berkeley, Stanford, and more.


AnChain.AI feels a responsibility to raise public awareness of the fraud and cyber-crime that will follow. As a leading blockchain cybersecurity company, our threat intelligence indicates that the impact is underestimated at this moment. This concerns us on a personal level as well: we have employees, investors, friends and families who are impacted by this massive data breach:


“I purchased a Ledger in April of 2019. Months later, I found out I was implicated in the breach. To this day, I receive phishing emails related to this. With this new leak, I’m taking extra precautions.”

- Clayton Leslie, AnChain.Ai Employee




We are publishing a quick tutorial on how to protect yourself from the Ledger data breach, together with a free website that allows you to see if you have been impacted.


Check here to see if your personal information was leaked in this attack: https://ledgerhack.anchainai.com/.


If you were implicated like Clayton, you’ll see this:


What to know:


1. The Ledger data breach only involves their eCommerce website, NOT their hardware wallet. Your crypto assets in your Ledger wallet are AS SECURE AS BEFORE.


2. The Ledger data breach is probably the largest cryptocurrency customer data breach in history. Per AnChain.AI threat intelligence, it impacts over 1 million global Ledger customers in the following sectors: banking, venture capital, governments, universities, and many individuals. Even worse, the impact is global, spanning the USA, Germany, the UK, and more.


3. Expect more targeted phishing attacks from various attack vectors: phishing email, phone SIM swap attack and more.


This tutorial will guide you through how to recognize them, and secure yourself in this massive data breach.


Understanding the risk exposure:


These 4 key pieces of private information have been leaked from Ledger’s customer database:

  1. Name

  2. Email

  3. Home address

  4. Phone number



With these 4 pieces of customers’ private information leaked in the Ledger data breach, the AnChain.AI team highlights four attack vectors that might emerge in the next few months: phishing attacks, phone SIM swap attacks, scammer phone calls and physical attacks.


1. Phishing attacks


Attempts will be made to have you download the “latest version” of Ledger or enter your 24-word recovery phrase due to a security breach. There has been no security breach of the Ledger device itself. In this case, the attackers are taking advantage of having your email address in order to trick you. Never click links or provide information, even if the message appears to come from Ledger’s official website. Ledger will never force you to provide information in this manner to protect you.


Ledger is maintaining a log of all phishing campaigns to help protect customers. Research possible campaigns, stay updated, and if you notice that you are being phished, send in a tip at the official ledger.com website here.


Check out the gallery of phishing attempts. Notice that phone numbers can also be attacked!





2. Phone SIM swap attack


In early 2020, a Canadian teenager was charged with over $50 million in cryptocurrency theft originating from phone SIM swap attacks. News here.


Since this data leak extends to phone numbers, it is important to understand the Phone SIM swap attack. This is a type of attack that those implicated in the Ledger breach might not be as prepared for.


In this situation, the attacker will use social engineering techniques in order to gain access to your cell-phone service provider. If successful, they will then convince the service provider to switch the SIM associated with your account to their own. At this point, the attacker has control of your calls and text messages, which they can use to take advantage of even more of your information, including the potential to access your SMS-based 2-factor authentication. To fight back, be sure you have a PIN (Personal Identification Number) set up on your cell-phone account.


Sprint: As a Sprint subscriber you should have already set up a PIN. Once you have registered, you will use your sprint.com username and password to sign on. Along with your PIN, you will be asked to select a security question and provide an answer in case you forget your PIN. You can change your account PIN at any time by signing in to sprint.com and clicking My Account, then selecting Profile & Settings.


AT&T: Go to your account profile, sign in, and then click Sign-in info. Select your wireless account if you have multiple AT&T accounts, then go to Manage extra security under the Wireless passcode section. Make your changes, then enter your password when prompted to save.


T-Mobile: Set up a PIN or passcode the first time you sign in to your My T-Mobile account. Pick text messages or a security question and follow the prompts.


Verizon Wireless: Call *611 and ask for a Port Freeze on your account, and visit this webpage to learn more about enabling Enhanced Authentication on your account.

If possible, use application-based 2FA such as Google Authenticator or Authy. These authenticators won’t be affected by SIM swap attacks, since they are not associated with your cell-phone number.



3. Scammer phone call

Keep an eye out for scammers taking advantage of your personal number by impersonating customer support, as Ledger does not have a customer support phone number. In the past, scammers have set up fake websites that claim to represent Ledger customer support. It is likely that they will take advantage of this breach and set up similar websites.



Look out for similar tactics over the upcoming months. Keep in mind that you will likely be directed to one of these sites or phone numbers via an email, but it is also possible to receive a phone call, given that the leak also includes phone numbers.


If you suspect that you are being approached by scammers in this manner, don’t forget to report it to Ledger’s phishing attempt site.
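
The lures described in sections 1 and 3 above (a “latest version” download, a request for the 24-word recovery phrase, a support phone line, links that only resemble ledger.com) can be checked mechanically before a message reaches a person. The Python below is an added example, not AnChain.AI or Ledger code; the regular expressions, function names and sample message are constructed for illustration.

```python
import re
from email import message_from_string
from urllib.parse import urlsplit

OFFICIAL = "ledger.com"  # official site named in the article
# Patterns for the lures the article lists; the regexes are assumptions.
SEED_RE = re.compile(r"\b(24[- ]word|recovery phrase|seed phrase)\b", re.I)
DOWNLOAD_RE = re.compile(
    r"\b(download|install|update)\b.{0,40}\b(latest|new) version\b", re.I | re.S)
PHONE_RE = re.compile(r"\b(call|phone)\b.{0,60}\bsupport\b", re.I | re.S)
URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.I)

def is_official(host):
    """True only for ledger.com itself or a real subdomain of it."""
    host = host.lower().rstrip(".")
    return host == OFFICIAL or host.endswith("." + OFFICIAL)

def triage(raw_email):
    """Return the reasons a message matches the lures described above."""
    msg = message_from_string(raw_email)
    body = "\n".join((p.get_payload(decode=True) or b"").decode("utf-8", "replace")
                     for p in msg.walk() if not p.is_multipart())
    text = f"{msg.get('Subject', '')}\n{body}"
    reasons = []
    if SEED_RE.search(text):
        reasons.append("mentions the 24-word recovery phrase")
    if DOWNLOAD_RE.search(text):
        reasons.append("pushes a 'latest version' download")
    if PHONE_RE.search(text):
        reasons.append("offers phone support, which Ledger does not have")
    for url in URL_RE.findall(text):
        # urlsplit drops any "user@" prefix, so ledger.com@host is judged by host
        host = urlsplit(url).hostname or ""
        if not is_official(host):
            reasons.append(f"link host is not {OFFICIAL}: {host}")
    return reasons  # an empty list is not proof the message is safe

# Constructed sample message (not taken from the leak or a real campaign).
SAMPLE = """\
From: Ledger Support <support@ledger-secure.example>
Subject: Security breach - action required

Your device was affected. Download the latest version of Ledger Live at
https://ledger.com.update-portal.example/live and enter your 24-word
recovery phrase, or call our support line.
"""

if __name__ == "__main__":
    print("\n".join(triage(SAMPLE)))
```

The From header is deliberately not scored, since a sender address is trivially forged and a matching one proves nothing.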


4. Physical attack


Physical attack is rare because it exposes the hackers as well. For high net-worth individuals within the 272,000,000 Ledger customer breach who live in lavish neighborhoods, physical security is always important. The hackers can take advantage of the personal address leak to employ threat tactics:



If you live in a neighborhood with notably expensive real-estate, it is important to consider the implications of this leak. Stay up to date with the latest happenings in your neighborhood, and report any suspicious activity to the police. Also, if you receive threats, report these to Ledger and your local authorities.


Share this tutorial with your friends and families that may be impacted by the Ledger data breach!


Lastly, the AnChain.AI team is here to answer your questions regarding cybersecurity, blockchain security and more. Contact us: Info@AnChain.AI



© 2020 AnChain.AI Inc. All rights reserved.
