Ledger, a crypto hardware wallet maker, and Shopify, an e-commerce company, are facing a class-action lawsuit in the United States over a massive data breach that happened last year.
First reported by The Block, law firm Roche Freedman filed a formal complaint against the two companies on April 6 on behalf of two lead plaintiffs.
A Massive Customer Database Available to Hackers Now
Ledger, which hosts its online shops on Shopify, officially admitted that it suffered a data breach in June which revealed customer emails and other information like physical addresses and phone numbers. However, the company clarified that the private keys of Ledger wallet users remained safe.
The situation for the company turned worse when a database containing the leaked customer information surfaced online in December, containing the personal information of a quarter-million of Ledger customers.
Many of the victims even started receiving threats of home invasion and other scare tactics from perpetrators. Though Ledger found that a rogue Shopify employee was behind the leaked database, the damage was already done.
The Rising Star of the DeFi Project, GIBXSwap, Passes CertiK Security AuditGo to article >>
As Finance Magnates reported earlier, many angry victims of the breach threatened the wallet maker with a class-action lawsuit, which materialized recently.
Roche Freedman, the law firm behind the lawsuit, has a reputation for going after crypto companies. Earlier, it moved against giants like Binance, Tron and iFinex with class-action lawsuits.
“We’ve been investigating this since the day it became public. This investigation included speaking with experts in the data security and cryptocurrency fields,” Kyle Roche, a partner of the law firm told The Block.
However, the legal minds at Ledger refrained from commenting on the ongoing case, only highlighting that the crypto funds held in the wallets are safe.
“To the world of hackers, Ledger’s customer list is gold,” the lawsuit stated. “It is a list of people who have converted substantial wealth into anonymized crypto-assets that are transferrable without a trace.”
“Using that list, hackers can manipulate or compel those owners to make untraceable and irreversible transfers of the crypto-assets into the hackers’ accounts. The stakes of security for crypto-assets are thus enormous.”