Ledger

Major cryptocurrency hardware wallet provider Ledger experienced a data breach.

The company said it was made aware of the breach on July 14 when a researcher participating in its bounty program reached out with details of a potential vulnerability on their website.

While they were able to fix the breach immediately, a further investigation found that an authorized third party carried out a similar action on June 25.

The individual used an API key to access the marketing and e-commerce database the company used to send promotional emails.

This compromised the email addresses of almost one million people.

For a subset of 9,500 customers, details such as first and last name, postal address, and phone number were also exposed.

Source: https://cointelegraph.com/news/data-breach-at-crypto-wallet-firm-ledger-exposes-users-personal-info

"id": "LED213813123",
"linkid": "ledgerhq",
"type": "Data Leak",
"date": "06/2020",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"