Crypto wallet Ledger faced a major customer data breach through its payment processor Global-e.
By Bhushan Akolkar
Editor Julia Sakovich
Updated
2 mins read
Ledger, the popular hardware crypto wallet provider, suffered a major security breach on Jan. 5. The incident involved its third-party crypto payment service provider Global-e. This is yet another major security incident in the first five days of 2026, after nearly $107,000 were drained from crypto wallets last week.
Blockchain investigator ZachXBT recently reported that Ledger’s customer personal data has been compromised via Global-e, the company’s third-party payment processor.
According to blockchain investigator ZachXBT, emails sent to impacted users indicate that personal information, including names and contact details, was accessed without authorization.
https://twitter.com/zachxbt/status/2008139053544194545
Ledger reportedly confirmed that it detected unusual activity within a segment of its cloud infrastructure connected to Global-e. The crypto wallet service provider noted that it has taken immediate measures to contain the incident. Besides, the company is also working with forensic experts over this matter.
The incident has intensified broader concerns around crypto security. It happens within days of Trust Wallet users reporting unauthorized fund outflows and only hours after attackers targeted MetaMask users.
Moreover, it is also not the first time that the crypto wallet Ledger is facing such an incident. In 2020, a data breach involving its e-commerce partner Shopify exposed the personal information of around 270,000 customers.
More recently, in 2023, Ledger suffered a separate hack that resulted in losses of nearly $500,000 and impacted multiple decentralized finance applications.
Ledger said there is no evidence that wallet funds or private keys were compromised in the incident. The company added that customers’ payment information was not affected and confirmed it is working with Global-e to notify impacted users and provide relevant details.
In a statement, Ledger emphasized that the security breach occurred within Global-e’s systems, not Ledger’s core infrastructure.
“This was not a breach of Ledger’s platform, hardware or software systems, which remain secure. For the avoidance of doubt, as the Ledger product is self-custodial, Global-e does not have access to your 24 words, blockchain balance, or any secrets related to digital assets,” it said.
Disclaimer: Coinspeaker is committed to providing unbiased and transparent reporting. This article aims to deliver accurate and timely information but should not be taken as financial or investment advice. Since market conditions can change rapidly, we encourage you to verify information on your own and consult with a professional before making any decisions based on this content.
Bhushan is a FinTech enthusiast and holds a good flair in understanding financial markets. His interest in economics and finance draw his attention towards the new emerging Blockchain Technology and Cryptocurrency markets. He is continuously in a learning process and keeps himself motivated by sharing his acquired knowledge. In free time he reads thriller fictions novels and sometimes explore his culinary skills.
