Ledger has alerted some of its customers that their personal data may have been exposed following a breach of its third-party payment processor, Global-e. According to the company, its own systems — including hardware wallets and core software — remain secure, but order data stored by the external provider was accessed by unauthorized actors.

What Happened

On January 5, 2026, Ledger informed affected customers that their personal information — specifically names and contact details — was exposed when hackers breached the systems of Global-e, an e-commerce and payment platform used as the Merchant of Record for purchases on Ledger.com.

Ledger emphasized that there was no breach of its internal infrastructure and that the incident did not affect wallet hardware, software, private keys, seed phrases, or digital asset balances.

Global-e manages checkout, order processing, compliance, localization, and taxes for multiple global brands. While it stores order data required to fulfill customer purchases, it does not retain payment card information or cryptographic keys related to Ledger wallets.

Impact Overview

Details & Technical Risks

The unauthorized access occurred outside Ledger’s own environment, within Global-e’s cloud-based systems that store order information for many global brands — not just Ledger. Exposed order data did not include financial information such as payment card numbers.

Despite the breach not impacting Ledger’s hardware, seed phrases, or digital assets, this customer information exposure heightens the risk of phishing campaigns and other fraud attempts. Attackers may use the leaked contact details to craft convincing targeted scams aimed at tricking users into divulging sensitive security data like recovery phrases.

Ledger’s Guidance to Users

Ledger has advised customers to:

• Stay alert to unsolicited communication. Be skeptical of unexpected emails, phone calls, or texts claiming to be from Ledger or Global-e.

• Never share seed phrases. Ledger will never ask for your 24-word recovery phrase under any circumstances.

• Verify communications independently. If unsure, contact official Ledger support directly through their website.

• Avoid clicking suspicious links or downloading attachments. These could be part of phishing or malware campaigns.

Affected customers should receive direct communication from Global-e with more details about the breach and its impact. Ledger encourages users to reach out to Global-e if they have further questions.

Key Takeaways

While Ledger’s core systems and the cryptographic integrity of customer wallets remain uncompromised, this incident is yet another reminder of the vulnerabilities introduced through third-party service providers. Personal customer information in the hands of attackers presents a significant risk for follow-on scams, particularly in the crypto space where social engineering is rampant.

Staying vigilant and informed is critical: Ledger users should be cautious with any unexpected outreach and always protect their seed phrases and private keys.

Disclaimer: ClearPhish maintains a strict policy of not participating in the theft, distribution, or handling of stolen data or files. The platform does not engage in exfiltration, downloading, hosting, or reposting any illegally obtained information. Any responsibility or legal inquiries regarding the data should be directed solely at the responsible cybercriminals or attackers, as ClearPhish is not involved in these activities. We encourage parties affected by any breach to seek resolution through legal channels directly with the attackers responsible for such incidents.