On May 25, 2020, a cybercrime resource known as Under the Breach informed the crypto community that a hacker is purportedly trying to sell customer info that stems from crypto wallet companies Trezor and Ledger, as well as data from the Bnktothefuture SQL database.
The hacker is said to be the same person that compromised the Ethereum.org forum database, and he claims to have three massive databases with info affecting an alleged 80,000 clients.
Under the Breach, documents reveal that the hacker has, email address, phone number, home address, and other personal data.
Luckily, the information provided by Under the Breach shows that there are no passwords available and only identity information per request.
Shopify, Ledger and Trezor Label the Claims “Rumors”
On May 24, 2020, the firm Ledger addressed the Shopify discussion and called it a “rumour” but confirmed they are investigating the matter.
“Rumors pretend our Shopify database has been hacked through a Shopify exploit. Our eCommerce team is currently checking these allegations by analyzing the so-called hacked DB, and so far it doesn’t match our real [database] DB.”
Similarly, the company that manufactures Trezor hardware wallets has also denied the situation. Trezor’s official Twitter account stated that the rumoured hack simply isn’t possible since the Trezor e-shop does not use Shopify, but they are nonetheless investigating the allegations.
To further refute the attack, Shopify representatives told reporters that they investigated claims of a hack on their platform and found no evidence to substantiate them, and no evidence of any compromise of Shopify’s systems.
Shopify Hacker Could Be Bluffing
The alleged Shopify hacker has had a number of doubtful claims and allegedly has the databases for nearly 20 crypto exchanges around the globe. The individual has also claimed that he compromised two digital currency tax companies and is planning to sell that data as well.
Even if the companies affected by this alleged hack deny it occurred, some customers are worried about how cybercriminals might use data containing sensitive details on users for phishing and spamming.
Recently, similar attacks have occurred where hackers have reportedly sold personal data of 267 million Facebook users in April 21, 2020.
Moreover, Binance exchange informed users just a few weeks ago that a flaw in the mail app Apple Inc. had been exposed, which leaves data users vulnerable to attacks.