Online data monitoring and prevention service Under the Breach says a hacker is attempting to sell client information belonging to cryptocurrency hardware wallet manufacturers Trezor, KeepKey, and Ledger.
According to a tweet published May 24, Under the Breach said an the alleged hacker of the Ethereum.org forum was attempting to sell databases belonging to Trezor, KeepKey and Ledger. The stolen data was reportedly obtained via an exploit involving the e-commerce platform Shopify, with the tweet implying more leaks could have occurred that have gone unnoticed.
The hacker also claimed to have the full SQL database belonging to the online crypto and fintech investment bank, BnkToTheFuture.
The Ethereum forum hacker is now selling the databases of @Trezor and @Ledger.
Both of which obtained from a @Shopify exploit.
(suggesting there are many more underground leaks).The hacker also claims he has the full SQL database of famous investing site @BankToTheFuture. pic.twitter.com/4M3f2bQKvB
— Under the Breach (@underthebreach) May 24, 2020
In a subsequent tweet, the data monitoring service claims to have warned BnkToTheFuture about the leaked information.
They aren't aware of it as far as I know, I messaged @BankToTheFuture a few days ago, couldn't get them to take it seriously.
— Under the Breach (@underthebreach) May 24, 2020
The documents posted by Under the Breach reveal the hacker allegedly has information belonging to three large databases encompassing 80,000 clients.
Ledger responded to the proposed Shopify data breach the same day, calling the hack a “rumor.” The crypto wallet manufacturer claimed to have analyzed screenshots from the leaked database and found it did not match their records.
Rumors pretend our Shopify database has been hacked through a Shopify exploit. Our ecommerce team is currently checking these allegations by analyzing the so-called hacked db, and so far it doesn’t match our real db. We continue investigations and are taking the matter seriously.
— Ledger (@Ledger) May 24, 2020
A Shopify representative told News.Bitcoin that the company had investigated the security breach and found “no evidence” of any compromise.
Featured Image Credit: Photo via Pixabay.com