Skip to content
Supply chainUnknown

Ledger: 105,000 French cryptocurrency holders exposed

In April 2026, a database of roughly 105,000 French Ledger customers — stolen in the January 2026 breach of its e-commerce provider Global-e and exposing names, postal addresses, emails and phone numbers — was put back up for sale on a cybercrime forum.

Victim
Ledger
records
105.0K

On 4 April 2026, Ledger — the French maker of crypto hardware wallets — was again in the spotlight when a database covering roughly 105,000 of its French customers was put back up for sale on a cybercrime forum, reportedly priced at around $68,000.

The records did not come from a fresh compromise of Ledger itself. They originate from the January 2026 breach of Global-e, the third-party e-commerce and payment provider that acts as merchant of record for orders placed on Ledger.com. Global-e's cloud information system was accessed without authorization, exposing order data for customers who had purchased Ledger products, with the affected orders dating from late 2025 to early 2026. Ledger and Global-e notified impacted users on 5 January 2026.

Exposed data categories include:

  • Full name
  • Postal address
  • Email address
  • Phone number

According to Ledger and Global-e, payment card details were not affected, and the incident did not touch Ledger hardware devices, the Ledger Live software, or customers' recovery phrases or wallets. The danger is contextual: because the leaked contacts are confirmed crypto-wallet owners, the data is highly valuable for targeted phishing, extortion and social-engineering campaigns. The April resale illustrates a common breach lifecycle, with stolen data continuing to circulate and generate profit for threat actors months after the original incident.

Sources

  1. cyberattaque.orghttps://www.cyberattaque.org/ledger-105-000-detenteurs-francais-de-cryptomonnaies-exposes/
  2. support.ledger.comhttps://support.ledger.com/article/Global-e-Incident-to-Order-Data---January-2026
  3. coinacademy.frhttps://coinacademy.fr/actu/ledger-fuite-donnees-prestataire-global-e/

Related incidents

Supply chainOngoing

Claimed leak at MaSalleDeSport - unspecified volume

On 22 February 2026, a hacker known as "84City" claimed to have breached MaSalleDeSport, a CRM and management provider for 2,000+ French gyms (Basic-Fit, Fitness Park, ON AIR Fitness, L'Orange Bleue), exposing member names, phone numbers, SMS and addresses for a potential 1M+ people.

Victim
MaSalleDeSport (Basic-Fit, Fitness Park..)
Supply chainContained

Leak at Discord

On 4 October 2025 Discord disclosed a breach of a third-party customer-support provider that exposed support-ticket data and roughly 70,000 government-ID photos (submitted for age-verification appeals), plus names, emails, IP addresses and partial billing details.

Victim
Discord
Records
70.0K