
Ledger: Addressing the July 2020 e-commerce and marketing data breach - sfusato
https://www.ledger.com/addressing-the-july-2020-e-commerce-and-marketing-data-breach
======
geoah
TL;DR

> On the 14th of July 2020, a researcher participating in our bounty program
> made us aware of a potential data breach on the Ledger website. We
> immediately fixed this breach after receiving the researcher’s report and
> underwent an internal investigation. A week after patching the breach, we
> discovered It had been further exploited on the 25th of June 2020, by an
> unauthorized third party who accessed our e-commerce and marketing database
> – used to send order confirmations and promotional emails – consisting
> mostly of email addresses, but with a subset including also contact and
> order details such as first and last name, postal address, email address and
> phone number. Your payment information and crypto funds are safe.

