Ledger customers have been notified of a fresh data exposure involving personal information after a security incident at a third-party service provider used by the company for international payments.
According to emails, the alert informed customers that Global-e, a payments and logistics firm working with Ledger, experienced a data exposure that may have compromised certain customer details. The message stated that affected information included names and contact details, though it did not specify how many users were impacted or exactly what data fields were involved.
The notice began circulating more widely after it was shared on social media by blockchain investigator ZackXBT. As of Monday, Ledger had not published a formal statement outlining the scope of the incident or confirming how long the data may have been accessible. It also remains unclear whether any additional personal or financial information was affected.
Community alert: Ledger had another data breach via payment processor Global-e leaking the personal data of customers (name & other contact information).
— ZachXBT (@zachxbt) January 5, 2026
Earlier today customers received the email below. pic.twitter.com/RKVbv6BTGO
Ledger is widely known for its hardware wallets, which store cryptocurrency private keys offline and are marketed as a more secure alternative to software wallets and centralized exchanges. The company serves millions of users worldwide, including both individual investors and institutional clients, and places a strong emphasis on security as a core feature of its products.
The latest incident has drawn attention in part because of Ledger’s past struggles with customer data protection. In 2020, personal information linked to more than 270,000 Ledger customers was leaked online after attackers gained access to marketing and e-commerce databases. That breach exposed names, email addresses, phone numbers, and, in some cases, home addresses, leading to reports of phishing campaigns and harassment targeting affected users.
In the aftermath, Ledger offered a bitcoin reward for information related to data attacks and faced a class-action lawsuit alongside e-commerce partner Shopify. The lawsuit alleged that insufficient safeguards had left customer data vulnerable.
While there is no indication so far that the current exposure matches the scale of the 2020 breach, the situation is likely to renew questions around how cryptocurrency companies and their external service providers manage sensitive customer information. It also highlights the growing importance of data security beyond core wallet technology, especially as crypto firms rely on a wider network of partners for payments, logistics, and customer support.
For now, customers are left waiting for more details as Ledger and its payment partner assess the impact. The episode serves as another reminder that even companies built around security must remain vigilant across every part of their operations.
