Ledger Confirms Customer Data Exposure After Global-e Breach, Says Wallet Security and Crypto Assets Remain Unaffected

Third-party e-commerce incident leaks personal order details while Ledger stresses no access to private keys, seed phrases, or funds

TL;DR

• Ledger confirmed customer personal data was exposed through a breach at its third-party e-commerce partner Global-e, disclosed publicly in early January 2026.
• Exposed information includes names, contact details, shipping addresses, and order data, while wallet security, private keys, and recovery phrases were not compromised.
• Ledger and Global-e are investigating the incident, with security experts warning of elevated phishing risks tied to leaked personal information.

We’ve just launched the all-new COIN360 Perp DEX, built for traders who move fast!

Trade 130+ assets with up to 100× leverage, enjoy instant order placement and low-slippage swaps, and earn USDC passive yield while climbing the leaderboard. Your trades deserve more than speed — they deserve mastery.

Ledger has confirmed that some of its customers were affected by a data breach originating from Global-e, a third-party e-commerce and payments provider used to process purchases on Ledger’s website, with the disclosure made public between January 5 and January 6, 2026. The hardware wallet maker said the incident involved unauthorized access to Global-e systems containing customer order information, emphasizing that Ledger’s own infrastructure, devices, and cryptographic systems were not breached. According to the company, the exposure was limited strictly to data handled by the external service provider and did not involve any compromise of crypto assets or wallet security.

Details emerging from multiple reports indicate that the data exposed includes customer names, email addresses, phone numbers, shipping addresses, and order-related information such as purchased products and prices. Ledger stated that no payment card details were accessed and that the breach did not expose private keys, recovery phrases, account balances, or any internal Ledger systems. The company reiterated that Global-e does not have access to sensitive wallet information, underscoring that hardware wallet security mechanisms and user funds remain intact.

The incident came to light after Global-e notified affected customers directly, with the notification later shared publicly by blockchain investigator ZachXBT. Following the alert, Ledger acknowledged the breach and said it engaged independent forensic experts to investigate alongside Global-e. Neither Ledger nor Global-e has disclosed how many customers were affected, and no precise timeline has been provided for when the unauthorized access first occurred. It also remains unclear whether data belonging to customers of other Global-e partner merchants was impacted, though Global-e’s client list includes several major international brands across retail and entertainment.

Ledger used the disclosure to issue renewed warnings to customers about phishing and social engineering risks, noting that while wallet credentials were not exposed, leaked personal details could be exploited by scammers to craft more convincing fraudulent messages. The company stressed that neither Ledger nor Global-e will ever ask users for their 24-word recovery phrase and advised customers to remain vigilant against unsolicited communications referencing recent orders or account issues.

Security analysts cited in related coverage pointed out that breaches involving names, addresses, and purchase histories can significantly increase the effectiveness of targeted phishing campaigns, particularly against cryptocurrency users who are already frequent targets of fraud. Even without access to wallet credentials, attackers can leverage personal data to impersonate legitimate companies, direct victims to fake websites, or initiate phone-based scams designed to extract sensitive information.

The disclosure has also drawn renewed attention to Ledger’s past data security challenges. In 2020, customer information stored in an external marketing and e-commerce database was exposed, leading to widespread phishing attempts against Ledger users in subsequent years. While Ledger emphasized that the current incident is unrelated and confined to a third-party provider, the recurrence has reignited concerns about the risks associated with centralized storage of customer data in the crypto hardware wallet industry.

Ledger said Global-e is continuing to contact affected users with additional information as the investigation progresses. The company maintained that the breach does not change the underlying security model of its hardware wallets but acknowledged the broader implications of personal data exposure, particularly in an environment where crypto-related scams remain prevalent.

This article has been refined and enhanced by ChatGPT.