- Ledger’s partner Global-e hit by data leak, exposes customer contact information
- Thousands of wallets might still be affected by Trust Wallet 2025 hack
Ledger, a top-tier producer of a hardware cryptocurrency wallet, is yet again suffering from a data breach on the side of the payment processing platform. The crypto community and security researchers foresee an incoming spike of phishing attacks.
Ledger’s partner Global-e hit by data leak, exposes customer contact information
Ledger, a provider of hardware cryptocurrency wallets, registered a massive data incident today, Jan. 5, 2026. The personal information of its clients was leaked by Global-e, a vendor of payment processing solutions in Ledger’s ecosystem.
So far, only names and contact information were reported as leaked. No signs of potential seed phrases or passwords being compromised or funds stolen have appeared so far.
At the same time, such an attack unlocks massive opportunities for phishing campaigns. Now, when real names and contact details of Ledger users are exposed, malefactors can start sending emails with malicious links or social engineering attempts.
As such, security researchers recommend to avoid opening any emails pretending to be authored by the Ledger team, in particular those with requests to “reset passwords.” No legitimate platform would ask for seed phrases, private keys, passwords or other personal information.
As covered by U.Today previously, this is the third big leak of Ledger users’ personal information with a third-party payment service provider to blame.
Thousands of wallets might still be affected by Trust Wallet 2025 hack
In 2020, a similar attack resulted in a spreadsheet with all affected users’ data available on the darknet for $8 per download.
One week ago, Trust Wallet, another top-tier self-custody wallet, was compromised by attackers. Hackers injected malicious JavaScript code that intercepted seed phrases, restored wallets on isolated machines and stole money.
You Might Also Like
While the team was fast to release an emergency update for its affected software — an extension for the Google Chrome browser — some users remained exposed to attackers even seven days after the hack.
As of Jan. 3, 2026, over 36,000 wallets still needed an emergency update, the team informed. Meanwhile, a reimbursement program is up and running for all victims of the Trust Wallet hack.