Ledger Customers Affected by Third-Party Payment Processor Data Breach

Ledger customers affected by a data breach at Global-e, a third-party payment processor used for purchases of Ledger hardware wallets or related products on [Ledger.com](http://ledger.com/).

The breach exposed personal and order information, including: names, postal addresses, email addresses, phone numbers, order numbers, products purchased, and prices paid.

No payment information, crypto wallet balances, or 24-word recovery phrases were accessed. Affected customers receive direct notifications from Global-e (no-reply@global-e.com).

Ledger highlights that its hardware, software, and blockchain platforms remain fully secure but emphasizes the importance of remaining vigilant against phishing.

Unfortunately, third-party breaches often remain the weakest link in the supply chain. While Ledger itself remains secure and has been proactive in supporting customers, the exposed data is likely to be misused in phishing or social engineering attacks.

Due to exposure, scammers may contact affected users via email, phone, SMS, linked messaging apps, or even physical mail, potentially including malicious links or QR codes.

Users are advised to remain vigilant and cautious, never share the 24-word recovery phrase, and report suspected phishing attempts to phishing@ledger.fr

Data Source: https://support.ledger.com/article/Global-e-Incident-to-Order-Data---January-2026

Image Source: Max Saeling / Unsplash