Ledger, the French hardware wallet maker known for its self-custodial crypto storage devices, has disclosed that customer data was exposed in a breach at Global-e, an e-commerce service provider used by multiple international retailers.
The unauthorized access targeted order data stored on Global-e’s cloud-based infrastructure and affected customers who made purchases on Ledger.com using Global-e as the Merchant of Record.
The incident, which Global-e has not yet publicly acknowledged, did not involve Ledger’s own infrastructure. Ledger clarified that its platform, hardware, and software systems remain secure, and there was no compromise of private keys, seed phrases, or user wallets. Additionally, no payment information was part of the exposed dataset.
The breach appears to be limited to personal order data, typically including names, addresses, emails, and purchase details, though the full extent of what was accessed remains unclear. According to Ledger, the affected data resided in a Global-e-managed cloud system used to process transactions and orders for several brands. Ledger emphasized that Global-e does not have access to users’ 24-word recovery phrases or any cryptographic secrets tied to their digital assets.
Global-e is a prominent cross-border e-commerce platform that enables international checkout and shipping logistics for consumer brands. The company serves as the Merchant of Record for online retailers, managing localized payment processing, compliance, and fulfillment services. Despite the scale and sensitivity of the breach, Global-e has not issued a public statement or responded to media inquiries at the time of writing.
Ledger says it was informed of the incident by Global-e and participated in coordinated efforts to notify impacted users. Global-e has reportedly sent communications directly to affected customers. Ledger has reiterated its policy of never requesting users’ recovery phrases and warns customers to be especially cautious of phishing attempts that may exploit leaked data.
Leave a Reply