**Ledger Customers Exposed in Third-Party Payment Processor Breach**
Hardware wallet provider Ledger is addressing a data exposure incident tied to its third-party payment processor, Global-e. The breach, first reported by blockchain investigator ZachXBT on X, involved unauthorized access to Ledger users' personal details—including names and contact information—stored in Global-e’s cloud system.
Global-e detected the suspicious activity and launched an investigation, confirming that an unauthorized party accessed customer order data. While the exact number of affected users and the timeline of the breach remain undisclosed, forensic experts verified the improper access. The company stated that payment information was not compromised.
Ledger clarified that the incident occurred at Global-e, not within its own systems, and emphasized that no hardware, software, or cryptocurrency-related data—such as seed phrases or wallet balances—was exposed. As the data controller, Global-e issued notifications to impacted customers. The breach also affected other brands using Global-e’s services, as the compromised cloud system contained order data from multiple retailers.
This is not Ledger’s first security incident. In 2020, a breach via e-commerce partner Shopify exposed data from 270,000 customers, and in 2023, a hack resulted in nearly $500,000 in losses for decentralized finance applications. Ledger has stated it is collaborating with Global-e to provide updates to affected users.
Ledger cybersecurity rating report: https://www.rankiteo.com/company/ledgerhq
Global-e cybersecurity rating report: https://www.rankiteo.com/company/global-e
"id": "LEDGLO1767622098",
"linkid": "ledgerhq, global-e",
"type": "Breach",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Cryptocurrency, Cybersecurity',
'name': 'Ledger',
'type': 'Hardware Wallet Company'},
{'industry': 'E-commerce, Payments',
'name': 'Global-e',
'type': 'Payment Processor'}],
'attack_vector': 'Third-party breach',
'customer_advisories': 'Email notification sent to affected customers by '
'Global-e.',
'data_breach': {'personally_identifiable_information': 'Names, contact '
'information',
'sensitivity_of_data': 'Low to moderate (no payment '
'information or secrets)',
'type_of_data_compromised': 'Personal details (names, contact '
'information)'},
'description': 'Ledger experienced a data exposure incident linked to its '
'third-party payment processor, Global-e. Unauthorized access '
"to Ledger users' personal details like names and contact "
"information occurred from Global-e's cloud system.",
'impact': {'data_compromised': 'Personal details (names, contact information)',
'identity_theft_risk': 'Potential',
'payment_information_risk': 'None (payment information not '
'involved)',
'systems_affected': "Global-e's cloud system"},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'root_causes': "Unauthorized access to Global-e's "
'cloud system holding shopper order '
'data'},
'recommendations': 'Increased vigilance against third-party risks, enhanced '
'monitoring of third-party systems',
'references': [{'source': 'CoinDesk'}, {'source': 'ZachXBT (X/Twitter)'}],
'response': {'communication_strategy': 'Email notification to affected '
'customers',
'containment_measures': 'Swift implementation of controls',
'third_party_assistance': 'Independent forensic experts'},
'stakeholder_advisories': 'Ledger emphasized that the breach occurred at '
'Global-e and urged vigilance.',
'title': 'Ledger Data Exposure via Third-Party Payment Processor Global-e',
'type': 'Data Exposure',
'vulnerability_exploited': 'Unauthorized access to cloud system'}