Daily Crypto Briefs 
Jan. 5, 2026 -
Ledger customers faced another personal-data exposure after Ledger-linked payment processor Global-e reported unauthorized access to shopper information, as bitcoin traded around $93,800.
The incident stems from the checkout layer run by Global-e, a cross-border e-commerce and logistics provider used for some Ledger.com orders, not from Ledger devices or Ledger Live, and it centers on leaked contact details that can be recycled into convincing social engineering.
Bitcoin was about $93,773 on Jan. 5, up roughly 2.9% over 24 hours, with estimated 24-hour spot volume near $45.6 billion as the news broke.
Blockchain investigator ZachXBT, who surfaced the episode publicly, wrote in a message on his Telegram channel: “Community alert: Ledger had another data breach via payment processor Global-e leaking the personal data of customers (name & contact information).”
What the Global-e breach exposed for Ledger customers
The data at issue is personal information tied to commerce, including customer names and contact details such as email addresses, phone numbers, and shipping addresses. Global-e described the event as unauthorized access after unusual activity in a portion of its cloud infrastructure, said it contained the incident, and said it brought in outside forensic support. The total number of affected Ledger customers was not disclosed.
Ledger said the exposure did not include private keys, recovery seed phrases, passwords, or wallet balances. For readers new to self-custody, a seed phrase is the master backup that can recreate a wallet, so it is the one secret that must never be shared in a message or typed into a website.
Ledger’s data leak history keeps the phishing risk alive
The new Global-e incident lands in a long shadow. In 2020, Ledger disclosed a breach of its e-commerce and marketing database in a post from its leadership, a data set used for order confirmations and promotional emails, and warned that contact details could be misused for scams.
Public breach trackers still show the lasting footprint. Have I Been Pwned lists a Ledger breach affecting 1.1 million accounts, a scale that helps explain why Ledger-themed phishing has remained a recurring pattern for years after the original disclosure.
Ledger has also faced security issues that did not rely on personal data leaks. In December 2023, Ledger published a security incident report on an exploit involving Ledger Connect Kit that injected malicious code into some apps using the library and tricked users into signing wallet-draining transactions.
How to protect yourself after a Ledger data breach
Treat any unexpected Ledger-branded email, SMS, or phone call as hostile until proven otherwise, even if it includes your real name, address, or order details. Leaked customer data makes scams look legitimate, and the most common ask is still the recovery phrase.
If you need to contact support, navigate directly to Ledger’s official domains rather than clicking links in messages.
For a practical refresher on how keys and digital signatures work, and why a seed phrase is so powerful, see our tutorial on cryptographic keys and digital signatures, then apply the same discipline to every support interaction.
What remains unclear is the full scope of affected customers and what exact fields were accessed in Global-e’s systems. Readers should watch for follow-up disclosures from Global-e and Ledger, and treat any support outreach that asks for recovery words as a scam.
Primary sources and further reading
| Source | Title |
|---|---|
| | ZachXBT - community alert on Telegram |
| | ZachXBT - community alert on X |
| | Ledger - July 2020 e-commerce and marketing data breach post |
| | Have I Been Pwned - Ledger breach entry |
| | Ledger - Security incident report (Connect Kit, Dec. 2023) |
Fact-checked by: Daily Crypto Briefs Fact-Check Desk
Frequently Asked Questions
Was my Ledger seed phrase exposed in the Global-e breach?
No. The incident was described as a shopper-data exposure at a third-party payment processor, not a compromise of Ledger devices or recovery phrases.
What data is at risk in a Ledger customer data leak?
Typically names and contact details like email, phone number, and shipping address. That information can be used for targeted phishing and identity attacks.
Were payment card details exposed in the Global-e incident?
That was not disclosed in the sources cited in this report. Even when card details are not exposed, leaked names and addresses can still be used for targeted scams.
What should I do if I get an email that claims to be from Global-e or Ledger?
Do not click links or share recovery words. Go directly to the official website you trust, and treat any request for your seed phrase as a scam.
Can scammers steal crypto without my seed phrase?
They can still trick users into signing malicious transactions, but they cannot restore a wallet without the recovery phrase. Treat any request for your seed phrase as a scam.