The incident marks one other safety concern for the French crypto firm, which has confronted a number of information publicity occasions since 2020.
How the Breach Occurred
Global-e, a cross-border e-commerce platform that handles worldwide transactions and fee processing for main manufacturers worldwide, detected uncommon exercise in its cloud programs. The corporate instantly carried out containment measures and employed unbiased forensic consultants to analyze the unauthorized entry.
The breach got here to public consideration when blockchain investigator ZachXBT shared buyer notification emails on social media. Affected Ledger clients obtained direct communications from International-e explaining the incident.
In keeping with Ledger’s statement, the unauthorized get together gained entry to order information saved in International-e’s info programs. Solely clients who made purchases on Ledger.com utilizing International-e because the service provider of file had been probably impacted.
What Info Was Uncovered
The compromised information consists of buyer names and speak to info. Nevertheless, the precise sorts of contact particulars—whether or not e mail addresses, telephone numbers, or bodily addresses—haven’t been totally specified by both firm.
Importantly, a number of important sorts of info weren’t compromised. Cost particulars akin to bank card numbers and checking account info remained safe. The breach didn’t have an effect on pockets restoration phrases, non-public keys, blockchain balances, or any cryptocurrency holdings.
Ledger emphasised that its personal {hardware}, software program, and platform programs weren’t breached. As a self-custodial pockets supplier, International-e by no means had entry to customers’ 24-word seed phrases or digital property. No buyer funds are in danger from this incident.
Supply: @zachxbt
The corporate has not disclosed the entire variety of affected clients. International-e confirmed that Ledger was not the one model impacted by the breach, stating that the attacker accessed order information from a number of retailers.
Why This Issues for Crypto Customers
Whereas no cryptocurrency was stolen, the publicity of buyer contact info creates vital safety dangers. Attackers can use this information to launch focused phishing campaigns towards recognized cryptocurrency holders.
In keeping with crypto safety agency ScamSniffer, phishing assaults stole $83.85 million in 2025. Ledger clients are significantly enticing targets as a result of attackers know they personal crypto {hardware} wallets.
The leaked info might allow refined social engineering assaults. Scammers may ship emails or texts referencing precise purchases or order particulars to look reputable. Some assaults might escalate to telephone calls from pretend “help representatives” trying to trick customers into revealing their restoration phrases.
In excessive instances, information breaches exposing crypto holder addresses have led to “wrench assaults”—bodily threats and extortion makes an attempt. Following Ledger’s 2020 breach, some clients reported receiving threats demanding ransom funds.
Ledger’s Troubled Safety Historical past
This incident is much from Ledger’s first information publicity downside. In 2020, the corporate suffered a serious breach by way of its e-commerce companion Shopify. That incident initially uncovered roughly 1 million e mail addresses and detailed info for about 10,000 clients.
The complete scope of the 2020 breach wasn’t revealed till December of that yr, when Ledger found that 272,000 clients had their names, postal addresses, and telephone numbers stolen. A further 20,000 buyer data had been later discovered to be compromised by way of rogue Shopify staff.
The stolen information was dumped on hacking boards and ultimately shared publicly. This led to years of persistent phishing campaigns focusing on Ledger customers. A category-action lawsuit was filed towards each Ledger and Shopify over insufficient information protections.
In December 2023, attackers compromised Ledger’s Join Equipment JavaScript library in a provide chain assault, draining almost $500,000 from customers interacting with affected decentralized purposes throughout a short window.
Extra not too long ago, in April 2025, Ledger customers obtained professionally designed fraudulent mail instructing them to scan QR codes and enter their restoration phrases—a rip-off that the corporate confirmed was linked to beforehand stolen buyer information.
What Customers Ought to Do
Ledger and safety consultants are urging affected clients to train excessive warning. Customers must be extremely suspicious of any sudden emails, textual content messages, or telephone calls claiming to be from Ledger or International-e.
Crucial rule: by no means share your 24-word restoration phrase with anybody below any circumstances. Neither Ledger nor International-e will ever request this info. Any communication asking for seed phrases is unquestionably a rip-off.
Prospects ought to confirm all communications by contacting Ledger or International-e immediately by way of official channels relatively than responding to unsolicited messages. Be cautious of clicking hyperlinks in emails, even when they seem reputable.
Ledger recommends utilizing Clear Signing transactions the place potential and using Transaction Examine when submitting blockchain transactions. These options assist confirm transaction particulars earlier than approval.
Following the disclosure, ZachXBT advised that customers think about offering minimal private info when buying {hardware} wallets to restrict publicity in future breaches. Some security-conscious consumers use various delivery addresses or restricted contact particulars.
The Greater Image
International-e handles checkout, order processing, and compliance companies for quite a few main manufacturers together with Disney, Netflix, Adidas, and others. The truth that a number of manufacturers had been affected suggests the breach stemmed from International-e’s infrastructure relatively than any challenge particular to Ledger.
The incident occurred alongside different current crypto safety issues. Belief Pockets’s Chrome extension was compromised in December 2025, resulting in roughly $7 million in losses. MetaMask customers have additionally been focused by phishing scams mimicking two-factor authentication verification.
These repeated incidents display that offer chain vulnerabilities stay one of many weakest hyperlinks in crypto safety. Attackers more and more goal third-party distributors who’ve entry to person information relatively than trying to breach core pockets programs immediately.
For affected customers, the primary risk is now social engineering relatively than direct theft of cryptocurrency. Vigilance towards phishing makes an attempt can be essential within the coming months as attackers probably try to use the leaked contact info.
Staying Safe in an Insecure World
The Ledger-International-e breach serves as a reminder that even security-focused firms face dangers from their third-party partnerships. Whereas no crypto funds had been compromised, the publicity of buyer contact info creates lasting vulnerability to social engineering assaults.
Customers ought to stay skeptical of all unsolicited communications and keep in mind that reputable firms won’t ever request restoration phrases or non-public keys. Because the crypto trade continues rising, each firms and customers should keep fixed consciousness of evolving safety threats.
Sven Luiv Sven Luiv Read More
