The cryptocurrency industry has been plagued by hackers, and their attacks grow stronger as the technology continues to develop. From exchanges to hardware wallets, no platform seems to be safe as the latest victims of these bad actors are customers of hardware wallet maker Ledger. The company has been attacked multiple times in 2020, and this time customers have been receiving threatening emails after 20,000 more of its customers were affected by another massive data breach.
The extortionists were using names like Darrin Burlew and Denni Hornig, and sent emails to customers whose personal information was leaked as a result of the major data breach that shook the company early last year.
According to a Reddit user Crypthomie, his father, who owned a Ledger, had received an email today. The email contained his name, physical address, and phone number. The email demanded a 0.3 Bitcoin or 10 Ether (ETH), worth approximately $12,000. If the said sum was not paid, the scammer threatened that he’d face physical violence.
“I am taking this very seriously and Ledger has made a very big mistake. I know that those scammers sending emails by hundreds are just trying their luck by creating fear, but when it comes to the safety of your family it’s another story,” the Redditor said.
“Don’t be fooled people, no one will come to your home to kill you but this feeling of insecurity is a scandal and Ledger has to do something about it,” he added.
Similar emails were also reported by multiple other Ledger users with crypto ransom demands that need to be paid in 24 hours, or they would face “horrifying” consequences.
“Are you able to imagine all the possible consequences that can occur to you and your loved ones?” the scammer said in one of the emails. “I hope you do not ruin every little thing for yourself by making the wrong choice.”
These threats came a day after Ledger reported that data about approximately 20,000 more users had been leaked via Shopify, supposedly by “rouge members” of the platform’s support team.
June attack hurting Ledger
Back in June, Ledger’s marketing and e-commerce database was compromised. However, back then, Ledger had notified that hackers were able to access the emails of approximately one million customers and the order information for a few, and only 9,500 phone numbers, postal addresses, and details of product purchases were exposed.
It was soon discovered hat hackers accessed user information as well during the June attack. Following the attack the attackers dumped 1,075,382 email addresses from users subscribed to the Ledger newsletter, and 272,853 hardware wallet orders with information including email addresses, physical addresses, and phone numbers, on the infamous hacker website Raidforms.
To address this situation, Ledger stated that it would work with analytics firm Chainalysis and others to track the scammers’ wallets. The company added that it will also report any illicit transactions to law enforcement, when it may be able to “freeze the crypto assets should they land on exchanges.”