Hacker Sells Tens of Thousands of Ledger, Tezor, and Keepkey Users’ Info

The customer databases of Trezor, Ledger, and Keepkay have allegedly been listed for sale by the perpetrating hacker
The customer databases of Trezor, Ledger, and Keepkay have allegedly been listed for sale by the perpetrating hacker

The hacker that breached the Ethereum.org forum is allegedly selling the databases for the three most-popular crypto hard wallets — Ledger, Trezor, and KeepKey.

The three databases contain the name, address, phone number, and email for more than 80,000 users combined, however, they do not contain passwords for the accounts.

The hacker has also recently listed the SQL database for online investment platform, BnkToTheFuture.

Ledger and Trezor databases reportedly compromised

On May 24, cyber crime monitoring website, Under the Breach, spotted the hacker’s new listings for the databases of the top hardware wallet providers.

The hacker claims to be in possession of account information corresponding to nearly 41,500 Ledger users, over 27,100 Trezor users, and KeepKey’s 14,000 customers.

Chat logs posted to Twitter indicate that the data was stolen through exploiting a vulnerability to the popular e-commerce website platform Shopify.

However, a Shopify spokesperson told Cointelegraph that an internal investigation “found no evidence to substantiate” the hacker’s claims, “and no evidence of any compromise of Shopify’s systems.”

 

Hacker adds to bazaar of crypto account info

The hacker is now advertising the databases of 18 virtual currency exchanges and forums, in addition to the email lists of two crypto tax platforms.

The databases include the full SQL for Korean exchange Korbit spanning 4,500 users, three databases for Mexcican trading platform Bitso, and the complete account information including passwords for blockchain platforms Blockcypher, Nimirum, and Plutus.

The hacker specifies he is only interested in premium bids, stating: “Don’t offer me low dolar, only big money allowed.”

A Bitso representative told Cointelegraph that its response protocols have so far “not found evidence that a third party has sufficient information to access our customers’ accounts.” The exchange’s cyber security team is currently in the process of further investigations into the veracity of the information published.

KYC platforms comprise honeypot for hackers

Last week, BlockFi reported a data breach resulting from a Sim-swap attack. Customers’ full names, email address, date of birth, and physical addresses were leaked. Client funds were not impacted.

At the end of April, Etana, a custody firm that provides services to Kraken, also suffered a data breach that did not see any customer funds lost.

Update: This article was updated on May 25 to include comments from a Shopify representative and a Bitso spokesperson refuting that the firm’s systems were compromised.