Ledger, the French firm specializing in cryptocurrency hardware wallets, is notifying customers of a data breach affecting those who made purchases through its e-commerce platform using Global-e, a third-party payment processor. The breach, which occurred in January 2026, compromised basic personal information and order details, prompting warnings of potential phishing attacks.
The incident centers on Global-e’s cloud-based systems, which handle order processing, localization, and tax compliance for Ledger’s online store since October 2023. According to a statement released by Ledger, the breach did not impact the security of its hardware wallets, software systems, or users’ cryptocurrency holdings. “Our network has not been impacted,” Ledger stated to BleepingComputer. “The platform’s hardware and software systems remain secure.”
Global-e initiated an investigation after detecting unauthorized activity within its cloud infrastructure on January 5, 2026. Forensic experts determined that some customer data had been accessed. Ledger confirmed that the exposed data includes names and contact information, as well as details of products purchased and prices paid. Crucially, Ledger and Global-e have both stated that sensitive financial data, such as credit card numbers, bank account details, and passwords, were not compromised.
“Importantly, no payment information was involved,” Ledger emphasized. The company likewise reiterated that attackers did not gain access to users’ 24-word recovery phrases – essential for accessing cryptocurrency wallets – or any other secrets related to digital assets. Global-e similarly stated it does not store sensitive identification documents like government IDs, as they are not required for order fulfillment.
Despite assurances regarding the security of crypto assets, both companies are urging customers to remain vigilant against potential phishing attempts. Global-e warned that cybercriminals may attempt to impersonate either the company or the brands it supports, including Ledger, in order to solicit personal information. “Though only limited contact details were improperly accessed… out of an abundance of caution we encourage you to remain vigilant to any suspicious or unsolicited communications,” Global-e stated in a fact sheet. The company specifically advised against clicking on suspicious links or responding to requests for information via text message or phone call.
Security researchers have already observed early examples of phishing campaigns exploiting the breach. NanoBaiter, a professional scam-hunter, shared evidence on social media of cybercriminals capitalizing on the compromised data. This incident follows a series of recent data breaches affecting major cryptocurrency platforms, including Coinbase and Binance, raising concerns about the vulnerability of customer data within the broader crypto ecosystem.
Ledger has stated that it is working with Global-e to investigate the incident and implement additional security measures. The company has not yet provided a definitive number of customers affected, but has indicated that it is notifying individuals whose data may have been compromised. As of February 27, 2026, neither Ledger nor Global-e has released a comprehensive report detailing the full extent of the breach or the specific vulnerabilities exploited.
