Ledger faces class action from phishing scam victims

Apr 9, 2021 | CoinTelegraph News | 0 comments


Ledger and Shopify are facing a class-action lawsuit over sensitive information regarding 270,000 of Ledger’s customers’ that was stolen by Shopify employees.

Ledger and Shopify have been hit by a class action lawsuit over a major data breach that saw the personal data of 270,000 hard wallet customers stolen between April and June 2020,

Phishing scam victims John Chu and Edward Baton filed the lawsuit in California against the crypto wallet provider and its e-commerce partner Shopify on April 6.

The Plaintiffs alleged that the firms “negligently allowed, recklessly ignored, and then intentionally sought to cover up” the data breach. The data was stolen when rogue employees of Shopify accessed the company’s e-commerce and marketing database for Ledger, with the hackers then selling the data on the dark web.

“Had Ledger acted responsibly during this period, much of that loss could have been avoided,” they claim.

The pair are seeking redress for the damages caused by the breach, requesting “all relief allowed by law, including injunctive relief.” Chu lost $267,000 worth of BTC and ETH, and Baton lost $75,000 worth of XLM in phishing scams that impersonated correspondence from the firms.

The data, spanning full names, email, phone numbers, and shipping addresses, was eventually posted on the website RaidForums in late December. The lawsuit accuses Ledger in particular of failing to “individually notify every affected customer or admit to the full scope of the breach.”

“Ledgers and Shopify’s misconduct has made targets of Ledger customers, with their identities known or available to every hacker in the world. Ledger’s persistently deficient response compounded the harm. In failing to individually notify every affected customer or admit to the full scope of the breach.”

While it has yet to be proven if the firm knew the full scope initially, it published a blog post in July 2020 stating that 9500 users had their data leaked at the time.

Ledger fully acknowledged the data leak on January 13, in a blog post that confirmed that access to their user database had been a result of the Shopify hack, while announcing changes to how they store data, communicate with customers, and also offered a 10 BTC bounty fund for information leading to successful arrest and prosecution of the hackers.

News Source from CoinTelegraph.com

Related Articles

Robinhood names new COO to oversee its crypto operations

Robinhood names new COO to oversee its crypto operations

Robinhood has named a new chief operating officer with experience in product management and operations to oversee its crypto platform, the team behind the online brokerage announced Thursday.  Christine Brown has served as the vice president of Robinhood Markets'...

Pin It on Pinterest

Share This