Ledger customer data exposed via Global-e payment processor, firm investigates

Beincrypto reported that Ledger suffered a security incident on January 5, 2026, in which customer personal data was exposed through third-party payment processor Global-e.

According to blockchain investigator ZachXBT, emails sent to affected users show names and contact details were accessed without authorization. Ledger reportedly detected unusual activity within a portion of its cloud infrastructure linked to Global-e, acted quickly to contain the incident and engaged independent forensic experts to investigate and secure systems. There is no indication that wallet funds or private keys were compromised, but experts warn exposed data raises the risk of phishing and targeted social‑engineering scams.

The breach comes days after Trust Wallet fund outflows and hours after attackers targeted MetaMask users, reviving concerns about systemic security weaknesses including supply‑chain and third‑party risks. Repeated incidents, and echoes of Ledger's 2020 data exposure, have put pressure on the company to strengthen vendor management, internal protocols and customer education while investigations continue into related industry vulnerabilities.

Key Topics

Crypto, Ledger, Global-e, Zachxbt, Trust Wallet, Metamask