The Ledger database, an encrypted hardware wallet, was hacked and the email information of about 1 million users was leaked

Ledger, a Ledger cryptocurrency hardware wallet, posted on July 29 that the company's marketing and e-commerce databases had been hacked in late June. The breach resulted in the disclosure of customer information, including e-mails containing the E-mail addresses of about 1 million users. However, the company said payment information and encryption assets were not affected and the vulnerability has now been fixed.

Affected clients have been notified, according to Ledger. The company has detailed the details of the breach in an article published this morning. The bug was first discovered on July 14 by a researcher involved in the company's bounty program. Although Ledger says they immediately fixed the vulnerability and conducted an internal investigation, they realized that the vulnerability had been exploited a few weeks earlier, on June 25, when a third party accessed a marketing and e-commerce database using an API key that had subsequently been disabled.

"We take privacy very seriously," Ledger said of the incident. "We discovered the bug thanks to our own bug reward program and fixed it immediately. But no matter how hard we tried to avoid and fix the problem, we sincerely apologize for the inconvenience this may have caused you."

The original address

Welcome to join the official BlockBeats community:

Telegram Subscription Group: https://t.me/theblockbeats

Telegram Discussion Group: https://t.me/BlockBeats_App

Official Twitter Account: https://twitter.com/BlockBeatsAsia