Hardware wallets have been touted to be the safer way to store and manage digital asset funds, but this may no longer be the case, after well-known hardware wallet brand Ledger suffered a data breach back in July this year. The hack has once again come under the spotlight as the hackers of the incident have finally made their move by releasing the personal data of 270,000 users on a database marketplace that deals with the sale of hacked information, RaidForums.
Ledger clarified that the hack did not put any user funds at risk, only “e-commerce related information”, but while funds are certainly not at any immediate risk, this does not stop hackers or scammers from utilizing the stolen data to further their schemes. According to Forbes, users affected by the data breach have found themselves being bombarded with phishing emails in attempts to trick users into revealing crucial information that would allow hackers access to their funds.
Carrying a physical hardware wallet, coupled with personal addresses being leaked, has also led to the concern of threat to physical security.
“Some of you have also expressed concerns about potential physical attacks as some of your shipping addresses were leaked. We understand the emotions created by this situation, yet important to acknowledge that there is no way to make any correlation between the data that has leaked and the funds on your wallet,” the team said in a statement.
Firstly, while funds are indeed safeguarded against online attacks with hardware wallets, other information is stored centrally online, including personal email addresses, physical addresses, telephone numbers and other private data. Although not mentioned in this particular case, the leak of bank details for example is something which users do not want to see happening.
The attack on ledger and the resulting data breach shows that hardware wallets are not foolproof in the fight to protect one’s own funds from falling prey to malicious attacks. As long as there is a centralized link in the process, there will always be a vulnerable point of entry for hackers.
You may also want to read: DeFi Protocol Nexus Mutual Founder Gets Hacked for $8M