Hardware wallet giant Ledger confirmed a network breach on Monday after unauthorized access occurred within systems operated by an external payment provider. The incident may have exposed limited customer order information. Ledger stressed that wallets, devices, and recovery phrases remained secure and unaffected.
The Ledger breach originated from infrastructure used to process payments and manage online orders. The platform identified the issue after suspicious activity appeared in a cloud-based environment linked to its commerce operations. Access to the affected systems was blocked once the activity was detected.
Ledger Breach Limited Data Exposure, Wallets Unaffected
In an X post, ZachXBT shared an email alert sent to customers by Global-e regarding the incident. The company said the disclosed data included customer names and contact information. It did not specify whether email addresses, phone numbers or physical addresses were included. The company also did not reveal the total number of affected users.
Source: X
An internal investigation came after activity was discovered in the account. Outside forensics experts were brought in to determine the extent and cause of the breach. Ledger claimed that the investigation revealed no breach to wallet infrastructure. No digital assets were lost in the Ledger breach.
Ledger stressed that its main systems had not been breached. The company explained that payment processing platforms do not have access to private keys, recovery seed phrases, or wallet balances. So far, those are kept separate from the order and payment data.
This Ledger compromise is the second known where customer information was exposed on a third-party service. In April 2025, Ledger reported a incident concerning unauthorized access to their customer data. Third-party vendors for e-commerce operations introduce exposure not bound by Ledger’s internal security perimeter.
Past incidents continue to influence user concerns. In June 2020, hackers breached Ledger’s e-commerce and marketing database by means of a poorly configured third-party interface. The breach exposed about one million email addresses. It’s estimated that detailed personal information of around 9,500 customers was also exposed.
ZachXBT Warns Users as Ledger Reviews Security After Breach
After release of the Ledger breach information, blockchain researcher ZachXBT posted a community warning. He responded to user complaints about how data can be stored securely.
ZachXBT recommended that users try to keep verified personal data to a minimum when purchasing hardware wallets. Fake or lesser information can cut down targeted phishing. This technique can also help to break associations between leaked records and real identities.
However, Ledger said that vendor security practices were under scrutiny after the breach. The company appealed to the customers to keep their guard up. The platform recommended verifying any exchange and ignoring unsolicited requests.
Crypto Alert: Ledger Confirms Network Breach After Global-e Incident Exposes User Data
