Customers of Ledger, a well-known crypto hardware wallet manufacturer, have experienced a new data exposure incident following a security breach at one of the company’s payment processing partners. The breach originated from Global-e, a firm that acts as a merchant of record for online transactions. As a result, personal details belonging to certain Ledger customers were accessed without authorization.
According to information shared by a Ledger representative, the incident potentially affects only those customers who completed purchases on Ledger’s official website using Global-e as the merchant of record. The spokesperson clarified that Ledger itself was not the sole brand impacted by the breach, as the unauthorized access involved a Global-e cloud-based system containing order information from multiple companies. Despite this clarification, Ledger did not disclose how many of its customers may have been affected by the incident.
Global-e had not provided a public response at the time of reporting, leaving key details about the scope and timing of the breach unconfirmed. The lack of clarity has raised concerns among crypto users, particularly given the sector’s long-standing exposure to targeted scams.
Rising Threat of Phishing Attacks
The timing of the breach is especially concerning as phishing attacks targeting crypto users continue to rise. In 2025 alone, cybercriminals reportedly stole nearly $84 million through phishing schemes, according to data from a crypto security firm. These attacks typically rely on deceptive emails, messages, or phone calls designed to trick users into revealing sensitive information, installing malicious software, or transferring digital assets directly to attackers.
The exposure of Ledger customers’ contact details could further intensify these risks. Contact information, such as names and email addresses, is particularly valuable to scammers, who often use such data to craft convincing phishing campaigns aimed at crypto holders. With access to verified customer information, attackers can increase the credibility of their messages and improve their success rates.
Hardware Wallets and an Ongoing Paradox
Ledger’s hardware wallets are marketed as tools that enhance digital asset security by keeping private keys offline and away from internet-based threats. However, for some customers, purchasing a hardware wallet has paradoxically increased their exposure to phishing and other attacks due to repeated data leaks linked to third-party service providers.
This is not the first time Ledger customers have faced such risks. In 2020, the company disclosed that data associated with approximately 272,000 customers had been compromised following a breach of its e-commerce and marketing database. Later that same year, Shopify, one of Ledger’s e-commerce partners at the time, acknowledged that a rogue employee had leaked customer data tied to roughly 292,000 Ledger users.
Those earlier incidents exposed not only names and email addresses, but also physical addresses and phone numbers. The release of such sensitive data significantly elevated risks for affected individuals, extending beyond online scams into real-world threats.
Community alert: Ledger had another data breach via payment processor Global-e leaking the personal data of customers (name & other contact information).
Earlier today customers received the email below. pic.twitter.com/RKVbv6BTGO
— ZachXBT (@zachxbt) January 5, 2026
From Data Leaks to Physical Attacks
One of the most alarming consequences of previous data breaches has been the rise of so-called wrench attacks. In these cases, criminals use leaked address information to physically locate crypto holders and coerce them into handing over private keys through threats or violence.
These risks became starkly visible last year when Ledger co-founder David Balland was targeted in such an attack. Balland and his wife were reportedly kidnapped from their home in France and held captive for approximately 24 hours. During the incident, the attackers allegedly attempted to force ransom payments by inflicting severe physical harm. French authorities later intervened and freed the couple.
Subsequent investigations led to the arrest of a French-Moroccan national believed to have orchestrated the attack, along with others connected to similar kidnapping plots across France. The case underscored how data leaks within the crypto industry can escalate into serious personal safety threats.
Renewed Focus on Data Security and Accountability
The latest breach involving Global-e has once again drawn attention to the broader issue of third-party risk management in the crypto industry. While Ledger’s core products focus on safeguarding digital assets, incidents involving external service providers continue to expose customers to indirect but significant dangers.
As scams and targeted attacks grow more sophisticated, the protection of customer data throughout the entire purchase and support lifecycle is increasingly seen as critical. For crypto users, the incident serves as another reminder that security risks extend beyond blockchain technology itself and into the surrounding infrastructure that supports the ecosystem.
