Our Ecommerce Database Has Not Been Hacked

05/25/2020 | Blog posts

On Sunday an unknown hacker claimed that he was in possession of leaked databases from Ledger, Trezor and Keepkey’s ecommerce platforms. 

After a thorough investigation from our data and security team and based on the information at hand, we can confirm this leak doesn’t match our database. 

Therefore, we trust our client’s data is not prone to be used for phishing attacks, scams or any other attacks. To sum up, and after multiple discussions with other industry players and partners, it is our conviction that this is merely an attempt at spoiling Ledger’s reputation and is nothing but a hoax

Several clues led us to such conclusion:

We think this situation is a great opportunity to reiterate the importance we place on the security of your data and to describe the way we manage it at Ledger.

Ledger puts security at the core of all its activities. Our world class security team (the Donjon) works daily to improve security in the whole ecosystem, always keeping user’s security and privacy at the forefront.

Because privacy is an integral part of the Ledger security model, the Donjon works on a daily basis in close collaboration with our in-house privacy team as part of our ambitious data protection program.

As a European business, Ledger abides by the EU General Data Protection Regulation (GDPR) which is renowned to be one of, if not the strictest data protection regulation in the world to date.

Beyond regulations, at Ledger, privacy is embedded in our philosophy and culture. This transpires in our privacy by design approach and the fact that users of our products, such as the hardware wallets or Ledger Live, are not required to create login. This also means we strive at developing and enforcing robust processes to ensure the confidentiality and integrity of your data. In doing so, we’ve put a strong focus on the following best practices: