Under the Breach, a cybersecurity firm, recently published claims by a hacker that they had managed to steal data from Trezor and Ledger hardware wallet users. The hackers were now selling the data on the internet, according to a tweet from the cybersecurity firm.
How the Hackers Got the Data
The hackers used a security flaw in Shopify to carry out their hack. Under The Breach shared screenshots that included phone numbers, emails, hardware wallet users, names, and addresses. However, thus far, the claims have been denied by Shopify. The company claims that data of its users is still secure.
Under The Breach later tweeted that there was no proof to back up the claims made by the hackers. However, the hacker who was behind the hack insists that they stole the data and are willing to sell it. It has been claimed that it was the same hacker who hacked the Ethereum.org platform in 2016.
Trezor and Ledger Deny the Claims
Besides Shopify, Trezor and Ledger have also denied that any data from their users was stolen. Trezor was the first to deny the claims. They said that the rumors of the data from their e-shop being stolen were false. They noted that their e-shop did not use Shopify. However, they said they were investigating the issue.
The blog post added that the company often purged old customer records to minimize the impact of a hack. According to the blog post, they purge all data from a user after 90 days of an order being placed. Trezor also noted that after a careful analysis of the data published by the hacker, they found that it did not match their customer records. According to them, the records published appear to be fabricated. They concluded by assuring users that their user data had not been stolen.
Ledger also denied the claims made by the hackers. They tweeted that they were looking into the claims. However, they noted that thus far the database published by the hacker did not match their database.
Are Hardware Wallets Safe?
Thus far, it is not clear why the hacker made the claim. However, it is worth noting they were not claiming to have hacked the wallets, only the data associated with them. In general, hardware wallets are quite safe. The only way to steal crypto from them would be by using a private key. However, Peter Todd, a former BTC Core Developer noted that it was possible to hack a Trezor wallet during a February podcast interview. According to Todd, you would only need to have the hard wallet in your possession and a bit of knowledge to access the contents of the wallet in minutes.
As a result, the intention of claiming to leak data regarding hardware wallets would be to ensure holders of the wallets are targeted physically. What the hacker was doing was illegal and if they are caught, it could lead to a long stay in prison. However, their claims appear to be fake and an attempt to gain fame online.
Image Source: Shutterstock
Notice: Information contained herein is not and should not be construed as an offer, solicitation, or recommendation to buy or sell securities. The information has been obtained from sources we believe to be reliable; however no guarantee is made or implied with respect to its accuracy, timeliness, or completeness. Authors may own the crypto currency they discuss. The information and content are subject to change without notice. Visionary Financial and its affiliates do not provide investment, tax, legal or accounting advice. This material has been prepared for informational purposes only and is the opinion of the author, and is not intended to provide, and should not be relied on for, investment, tax, legal, accounting advice. You should consult your own investment, tax, legal and accounting advisors before engaging in any transaction. All content published by Visionary Financial is not an endorsement whatsoever. Visionary Financial was not compensated to submit this article Please also visit our Privacy policy; disclaimer; and terms and conditions page for further information.