Ledger Users Targeted by Phishing Scam, 270,000 Affected

Ledger hardware wallet users have been targeted by a sophisticated phishing scam, with fraudulent emails disguised as official communications from the company. The scam emails, which were sent out recently, claimed to be an "Urgent Security Update" and instructed users to scan a QR code and provide their 24-word recovery phrase to regain control of their wallets. The emails were meticulously crafted to mimic Ledger's official branding, including the company's logo, address, and reference number. Users who did not comply with the email's demands were threatened with restricted access to their wallets.

Technical commentator Jacob Canfield was among the first to expose the scam on the X platform, warning users about the fraudulent email. Ledger's official response to the incident was swift and clear. The company stated unequivocally that this email is a scam and that they would never ask for a recovery phrase via phone, messages, or any other means. Ledger urged users to be vigilant against phishing attacks and to avoid falling victim to such scams.

The scam may be linked to a data breach that occurred in July 2020, when the personal information of over 270,000 Ledger users was compromised. The breach exposed sensitive data, including names, phone numbers, and addresses, which could have been used by hackers to craft more convincing phishing attempts. This incident highlights the ongoing threat of cybercrime in the cryptocurrency space and the importance of user vigilance in protecting digital assets.