
Ledger Breach
Jun 25, 2020
1,075,271 rows
What happened in the Ledger Breach?
DataBreach.com Team · September 6th 2025, 8:00 pm EDT
In June 2020, attackers compromised Ledger’s e-commerce and marketing database, exposing the personal information of hundreds of thousands of crypto hardware wallet customers. The breach impacted ~1.1 million email addresses and 272,000 records containing full names, phone numbers, and home addresses, data that was later dumped publicly online.
Consumer Fallout
The exposure immediately fueled phishing and extortion campaigns. Victims received emails and texts disguised as Ledger support, urging them to “update” their wallets or share recovery phrases. Others were targeted with physical letters and threats. Criminals demanded $700-$1,000 in Bitcoin, warning that refusal could lead to doxxing or physical harm. Some customers and even Ledger executives faced attempted home invasions and kidnapping risks.
Financial and Brand Impact
Analysts estimate the breach has cost Ledger over $33 million in remediation, legal exposure, and reputational damage (Lionsgate analysis). Despite repeated takedowns of phishing domains and public warnings, the leaked data remains a long-term weapon for threat actors.
Bottom Line
The Ledger breach shows how a single PII leak in crypto can spiral into years of phishing, extortion, and even physical danger. Even without stolen funds, the long-tail consequences for users have been severe - and largely irreversible.










