Ledger has confirmed that customer data was accessed following a security incident at its ecommerce and payments partner, Global-e Exposed information includes customer names, contact details, and order data such as purchased products and pricing, though Ledger says no financial data, passwords, or recovery phrases were compromised. Global-e began notifying affected users on January 5 and warned that phishing campaigns are already underway, with attackers impersonating both companies. Ledger has urged customers to be vigilant, emphasizing it will never request recovery phrases, send replacement devices, or ask users to scan QR codes. Security researchers have already observed real-world phishing attempts exploiting the breach.
Bleeping Computer has the details here: Ledger customers impacted by third-party Global-e data breach
Anders Askasen, VP of product marketing, Radiant Logic has this comment:
“This incident shows why identity risk extends far beyond credentials. Contact and order data, when paired with brand trust, is sufficient to drive highly effective phishing. That data typically sits scattered across third-party platforms, outside direct control and with little governance. Without unified identity and data observability, organizations discover phishing only after attackers have already weaponized their data.”
Will Baxter, Field CISO, Team Cymru adds this:
“What stands out here is how quickly threat actors pivoted from data exposure to active phishing campaigns. That speed highlights the need for continuous and proactive threat intelligence to spot emerging lures, spoofed domains, and brand impersonation infrastructure as soon as it appears. Organizations should not rely solely on customer warnings, but proactively monitor for brand abuse tied to known incidents. Early detection means faster takedowns — and better protection for users — even when the initial breach occurs through a third-party partner.”
We’re six days into the new year and we have a supply chain attack with a side of phishing tossed in. Thus proving that if you’re one of the good guys, you need to make sure that you’re looking for threats that will come at you from multiple sources as that’s how the bad guys roll these days.
Like this:
Like Loading...
Related
This entry was posted on January 6, 2026 at 11:57 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Ledger confirms customer data accessed
Ledger has confirmed that customer data was accessed following a security incident at its ecommerce and payments partner, Global-e Exposed information includes customer names, contact details, and order data such as purchased products and pricing, though Ledger says no financial data, passwords, or recovery phrases were compromised. Global-e began notifying affected users on January 5 and warned that phishing campaigns are already underway, with attackers impersonating both companies. Ledger has urged customers to be vigilant, emphasizing it will never request recovery phrases, send replacement devices, or ask users to scan QR codes. Security researchers have already observed real-world phishing attempts exploiting the breach.
Bleeping Computer has the details here: Ledger customers impacted by third-party Global-e data breach
Anders Askasen, VP of product marketing, Radiant Logic has this comment:
“This incident shows why identity risk extends far beyond credentials. Contact and order data, when paired with brand trust, is sufficient to drive highly effective phishing. That data typically sits scattered across third-party platforms, outside direct control and with little governance. Without unified identity and data observability, organizations discover phishing only after attackers have already weaponized their data.”
Will Baxter, Field CISO, Team Cymru adds this:
“What stands out here is how quickly threat actors pivoted from data exposure to active phishing campaigns. That speed highlights the need for continuous and proactive threat intelligence to spot emerging lures, spoofed domains, and brand impersonation infrastructure as soon as it appears. Organizations should not rely solely on customer warnings, but proactively monitor for brand abuse tied to known incidents. Early detection means faster takedowns — and better protection for users — even when the initial breach occurs through a third-party partner.”
We’re six days into the new year and we have a supply chain attack with a side of phishing tossed in. Thus proving that if you’re one of the good guys, you need to make sure that you’re looking for threats that will come at you from multiple sources as that’s how the bad guys roll these days.
Share this:
Like this:
Related
This entry was posted on January 6, 2026 at 11:57 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.