Ledger and Shopify Face Class Action Lawsuit Over Data Breach

2021-4-9 00:51

Hardware wallet firm Ledger and its e-commerce partner Shopify have been hit by a class-action lawsuit over a 2020 data breach that leaked the personal data of 270,000 customers.

Plaintiffs Lost Funds In Phishing Attacks

The legal complaint has been brought to a North California court by former customers John Chu and Edward Baton, who seek damages over the massive data breach.

The plaintiffs do not claim that the breach affected Ledger’s hardware wallets. Rather, they claim several users lost their crypto in phishing attacks due to personal data being leaked.

Between April and June 2020, rogue employees at Shopify, Ledger’s e-commerce partner, exploited a database vulnerability.

This allowed the hackers to gain illegitimate access to Ledger clients’ personal data included full names, email, phone numbers, and shipping addresses, which were sold on the dark web. By early December 2020, reports continued to escalate about phishing attempts on hardware wallet users.

Later, on Dec. 21, 2020, a hacker posted the data on a website called RaidForums for anyone to freely access.

Due to the phishing attacks that followed, plaintiff Chu lost about 4.2 BTC and 11 ETH, worth about $267,000 at the time of the complaint. Baton, meanwhile, lost about 150,000 XLM.

Did Ledger Notify Clients In Time?

The lawsuit alleges that Ledger failed to notify affected customers and admit to the breach’s full scope in time. The plaintiffs now seek damages for their lost funds.

“Ledger’s efforts to cover up and downplay the actual and potential scale of the breach in the months leading up to its widespread public disclosure caused disastrous harm to its customers,” the legal document reads. “During that time, many crypto-asset investors lost massive sums of money.”

“Had Ledger acted responsibly during this period, much of that loss could have been avoided,” the document continues.

It is not yet proven whether Ledger knew about the hack’s scope and willfully chose not to inform its users. Ledger released information about the breach initially in July 2020, which revealed that about 9500 users were affected.

In a January 2021 blog post from Ledger, the company admitted to underestimating the breach. If Ledger’s account is correct, it was not until hackers published all 270,000 entries that the company understood the true extent of the breach was larger than it believed.

Disclaimer: The author did not hold any cryptocurrency mentioned in this article at the time of press.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Faceter (FACE) на Currencies.ru

$ 0 (+0.00%)
Объем 24H $0
Изменеия 24h: 0.00 %, 7d: -30.60 %
Cегодня L: $0 - H: $0
Капитализация $0 Rank 99999
Цена в час новости $ 0.0008739 (-100%)

lawsuit data breach action shopify face ledger

lawsuit data → Результатов: 24


IRS is not Infringing Privacy By Requesting Data From Crypto Exchanges, Judge Decides

A federal court from California has recently decided that the requests made by the Internal Revenue System (IRS) to the cryptocurrency exchange Bitstamp in a specific case were not illegal. According to the judge, most of the arguments provided by William Zietzke, who filed a lawsuit against the IRS, lack merit. Zietzke argued that the […]

2019-11-30 00:34


Tesla Autopilot’s Safety Profile Fails to Withstand Scientific Scrutiny, May Be Increasing Traffic Deaths

In a world increasingly turning to AI and automated solutions for answers, Tesla’s self-driving cars were seen as groundbreaking. The technology is certainly promising. However, an independent investigative report has debunked alleged findings by the US National Highway Traffic Safety Administration (NHTSA), which gave Tesla the all-clear after a crash involving a self-driving car.

2019-3-7 20:17