On January 5, 2026, Ledger disclosed a data breach involving Global-e, the third-party ecommerce platform Ledger uses for international orders. Customer order data was exposed, including names, postal addresses, email addresses, phone numbers, and order details. Crypto assets, private keys, and seed phrases were not affected by the breach itself. The funds are safe. The downstream effects are not necessarily safe, because the leaked data is exactly the dataset attackers need to build convincing phishing campaigns against hardware wallet owners. Reports of impersonation calls and emails started arriving within hours of the disclosure. This piece walks through what was leaked, what the realistic risks are, what affected users should do, and what the breach says about supply chain considerations for hardware wallet purchases.
The breach didn't touch Ledger's own systems. Global-e is a third-party service Ledger contracts with to handle international ecommerce, currency conversion, and cross-border payments. The attackers gained access to Global-e's database of Ledger-related orders and extracted: - Name - Postal address (shipping address) - Email address - Phone number - Order details (order number, product purchased, price paid) What was not leaked: private keys, wallet funds, payment card details, or anything that would directly allow an attacker to access crypto. Ledger devices generate seed phrases locally and don't share key material with Ledger or any third party, so a third-party breach of order data has no path to the key itself. The breach is the second large data exposure Ledger has experienced. A 2020 breach exposed similar data on roughly 270,000 customers and led to a multi-year wave of phishing attacks against affected users.
The funds are technically safe. The leaked dataset still creates real downstream risk for two reasons. First, the data is exactly what an attacker needs to build a convincing phishing campaign. A phishing email that references your name, your order, the product you bought, and the date you bought it gets past the skepticism a generic phishing email would trigger. Within hours of the January disclosure, affected users reported a surge in phishing emails impersonating Ledger and Global-e support. Second, the postal address creates physical-world attack vectors. A snail-mail phishing campaign targeting hardware wallet users emerged in early 2026, with attackers sending convincing letters impersonating official communications and asking recipients to complete "Authentication Check" or "Transaction Check" procedures. The Ledger breach gave attackers a clean address list to mail to. For high-net-worth holders, the physical address exposure also raises personal-safety concerns. The dataset identifies people who bought hardware wallets and could in principle hold meaningful crypto positions, which has been a factor in the wave of "wrench attacks" (physical coercion) that crypto security advocates have been tracking.
Four practical moves close most of the downstream exposure. Treat any communication that claims to be from Ledger, Global-e, or a related service as suspect until verified through a known-good channel. The dataset gives attackers what they need to impersonate official outreach convincingly. Never share seed phrases, PINs, or recovery information with anyone claiming to be support, regardless of how official the message looks. Set up email filters and a separate inbox for crypto-related communications if you haven't already. The leaked email addresses will appear in phishing lists for years. Ignore physical mail asking you to "authenticate" or "verify" anything related to a hardware wallet. Ledger and other hardware wallet vendors don't send mailed verification requests. The legitimate update path for any hardware wallet runs through the vendor's app, never through the postal service. Consider an address change for new hardware wallet purchases. A PO box or business address keeps your home address out of future ecommerce databases that may also get breached.
The Ledger breach is a specific instance of a broader pattern. Hardware wallet vendors handle sensitive customer data: who bought what, when, where it was shipped. Every vendor relies on some chain of third-party providers (payment processors, fulfillment partners, ecommerce platforms) that can be breached independently of the vendor's own security. Three questions worth asking before you buy any hardware wallet: Does the vendor minimize the data it collects? Some vendors collect only what they need to fulfill an order. Others collect marketing data, behavioral data, and account information that creates a larger exposure surface if they get breached. Where is the order data stored, and what third parties handle it? Vendors using a single integrated commerce stack have fewer third-party exposure surfaces than vendors using multiple specialized partners. Does the vendor offer privacy-respecting purchase options? Some hardware wallet vendors accept payment in crypto (which doesn't require KYC), ship to PO boxes without verification issues, or allow purchases through resellers that don't share data back to the vendor. The right answer depends on your threat model. For most retail holders, the convenience of a normal ecommerce flow outweighs the marginal exposure of a third-party data breach. For holders with elevated threat profiles (high net worth, public profile, location sensitivity), the privacy-respecting purchase path is worth seeking out.
What Ryder One can structurally claim, regardless of the order-fulfillment stack: the private key is generated on the device's EAL6+ Infineon SLC38 secure element and never leaves the chip. No third party (Ryder included) has access to the key or the seed phrase. The breach of any order-management system, ours or anyone else's, has no path to the funds because the funds aren't custodied anywhere in that stack. For users moving from Ledger to Ryder or considering Ryder for the first time, the relevant security comparison runs at the device and recovery layer, where the long-term failure modes live.
The January 2026 Ledger breach didn't touch funds, though it did hand attackers a clean dataset of hardware wallet owners to phish, scam, and (in some cases) physically target. Affected users should treat unsolicited communications about their wallet as suspect, set up email filters, and ignore mailed verification requests. For new hardware wallet purchases, the supply chain question (who handles the order data and how it's protected) is worth adding to the buying checklist.
Your funds live on the device, well away from any ecommerce stack. Ryder One generates and holds your private key on an EAL6+ secure element that never connects to the internet, so order-data breaches at any retailer have no path to your wallet. See how it works.
The only crypto wallet you can install on a crowded subway.
Set it up in less than 60 seconds and just tap your phone to send, swap, and recover.
Share: