Claim your damage
against LEDGER

What happened?

One of the best-known manufacturers of hardware wallets, Ledger SAS, headquartered in Paris, France, which has so far been able to score points with its customers for high security and ease of use, has been hacked. The cyber attack took place in June 2020 and personal customer data was stolen. The corresponding database with over one million email addresses and personal contact data was published on an internet forum. Since the private keys can only be used by the owners, no cryptocurrencies should have been stolen in the attack.

However, the published information is personal customer contact data that is now online and accessible to everyone. This is the marketing and e-commerce databases, which gave the attackers access to personal contact data. According to Ledger, however, no payment data was affected by the hack. Furthermore, mainly customers from the period June 2020 would be affected.

What should be done now?

All customers who own a Ledger hardware wallet should urgently check whether their data could also be affected by the hack. According to Ledger, around 270,000 customers were affected by the current cyber attack and have already been informed about the incident by email. The exposed data includes email addresses as well as personal contact information such as name, address and phone number.

Since the stolen data is now publicly available on the net, anyone can access it. It is therefore considered very likely that phishing attempts, blackmail and other methods could increase in the coming months. For this reason, it is recommended to carefully check the authenticity of all e-mail correspondence with Ledger. Those affected should now under no circumstances disclose sensitive data such as recovery seeds or passwords.

What legal options do you have to take action against LEDGER?

As far as is known, personal data of almost 300,000 customers were disclosed. Specifically, personal data of the customers, namely first name and surname, address and telephone number were published. The disclosure of the database with thousands of personal data over probably several weeks is likely to constitute a serious violation of the GDPR (European General Data Protection Regulation). According to Art 82 of the GDPR, any person who has suffered material or non-material damage due to a data protection violation is entitled to compensation from the responsible party, i.e. Ledger SAS.

"Due to the serious data protection breach, customers should definitely be compensated."

- Dr. Florian Scheiber - Attorney at Law

Information about the collection procedure

Due to the large number of applications, the collective procedure is currently closed. However, we will be happy to examine your individual request.