A hacker is trying to sell customer information obtained from cryptocurrency companies Trezor, Ledger, and Bnktothefuture.
Hacker Offering to Sell Customer Data
According to Under the Breach, an online monitoring web portal, a hacker is currently trying to sell customer information from popular cryptocurrency wallets Ledger and Trezor. It also includes the data of customers of the investment platform BnkToTheFuture. According to Under the Breach, the hacker does not have the passwords to the clients’ accounts but he does have other information, including the customers’ email addresses, home addresses, and phone numbers, as this data was obtained following a Shopify breach.
Under the Breach highlighted that customers that bought products from Shopify and also cryptocurrency wallets and other items from Ledger, Trezor, Keepkey, and BnkToTheFuture might have had their identities hacked and leaked. The cybercrime resource added that the hacker is the same person that hacked the forum Ethereum.org, claiming that he has a massive cache of customer data.
The platform tweeted that the Ethereum hacker is selling the databases of wallet giants Ledger and Trezor, with all the information obtained from Shopify, which suggests that there are many more underground leaks. The hacker is also claiming to be in possession of the full SQL database of well-known investing site BnkToTheFuture.
The document revealed that the hacker has three large databases with data of over 80,000 customers. The information in possession of the hacker includes email address, name, phone number, residential address, and other relevant data.
No Link Between Shopify, Trezor and Ledger
The database of Shopify is linked to Ledger, Trezor, and Keepkey. However, on Sunday, May 24, Ledger came out to state that the Shopify discussion is nothing but a rumor. The cryptocurrency company tweeted that rumors are circulating about their Shopify database been hacked via Shopify exploits. They added that the e-commerce team of the company is looking into these allegations by analyzing the hacked DB. According to their findings so far, the hacked DB does not match their database, but the company will continue to investigate the matter as they are taking it seriously.
The company behind the Trezor wallets also came out to debunk the situation. Trezor’s official twitter account announced that there are rumors currently spreading that their e-commerce shop database has been hacked via a Shopify exploit. “Our eShop does not use Shopify, but we are nonetheless investigating the situation. We’ve also been routinely purging old customer records from the database to minimize the possible impact,” Trezor concluded.
Currently, there is no information regarding the state of the data obtained by the hacker. However, it is worrying that someone has the information of cryptocurrency enthusiasts trying to secure their crypto stash using cold storage wallets.
Despite the strong security within the cryptocurrency space, companies operating within the sector have been prone to cyber-attacks over the past few years. Cryptocurrency exchanges have been the primary target of hackers, with billions of dollars lost over the years to the hacking of these platforms. To secure their cryptocurrency reserves, customers turned to cold storage wallets like Ledger and Trezor. However, if the information regarding the hacking of these companies’ eshops is accurate, then customers need to take extra measure to keep their data safe, while protecting their cryptocurrencies.