Ledger says there was a data breach at its payment processor Global-e, announced on January 5, 2026.

Ledger emailed customers whose information was affected to say personal data, such as names and contact information, had been accessed improperly. Global-e took action upon noticing unusual activity on the part of its network and hired independent forensic experts to investigate.

Ledger announces a third-party processor breach

Ledger told customers that Global-e, which processes its payments, had noticed suspicious activity in part of its network. Global-e took immediate action to block the relevant systems when it became aware of suspicious activity in its cloud environment. Independent forensic experts have been hired to investigate.

The investigations concluded that some personal data, involving names and contact information, were breached. Ledger has refused to divulge the total number of users affected or the exact reason behind the breach.

It is the second time that customers have been affected by unauthorized access at Ledger, after the first in April 2025. Ledger relies on Global-e to process payments and maintain contact information. Relying on third-party vendors creates more avenues for data to be accessed.

Global-e breach leaks customer contact information

The exposed data includes customer names and contact information. Ledger did not specify whether the breach included email addresses, phone numbers, physical addresses, or other types of contact information. Previous breaches have exposed various combinations of these.

It does not involve wallet recovery seed phrases, private keys, or any cryptocurrency holdings. No user funds were directly taken during the Global-e breach.

Past Ledger data breaches have aided phishing efforts. For instance, a breach in an e-commerce database in 2020 exposed approximately one million email addresses and detailed contact information of about 9,500 customers.

Ledger’s security history since 2020

Its first major incident was in June 2020, when an unauthorized person accessed the e-commerce and marketing database via a third-party API that had been misconfigured. Approximately one million email addresses were leaked with detailed contact information for 9,500 customers, including postal addresses, phone numbers, and names.

It drained between $484,000 and $600,000 in cryptocurrency from the users who were affected during a period of five hours. SushiSwap, Zapper, MetalSwap, and Harvest Finance were among the dApps affected by the compromised library being loaded. Within 40 minutes from the time it noticed the bug, Ledger’s team was able to pinpoint and fix the issue.

ZachXBT warns against trusting hardware wallet companies

Following Ledger’s latest disclosure, blockchain researcher ZachXBT posted a community alert. In response to a user asking where to safely store one’s funds, ZachXBT concluded that none of these hardware wallet companies can be trusted.

He suggested using fake information when purchasing hardware wallets in order to protect privacy. The idea is that giving false information can make it harder for the attackers to link the real identities to cryptocurrency holdings. If hackers breach a customer database, fake contact details dilute targeted phishing.

Get up to $30,050 in trading rewards when you join Bybit today