The firm dealing with cybercrimes investigation unveils its chat with a hacker who claims that he has hacked the databases for prominent hardware wallets, including Trezor and Ledger. Besides two hard wallets, he has a SQL database of the investment firm, Bank To The Future.
KeepKey and Bitso are also Included
The Israel-based cybercrime investigation firm, Under the Breach, has published some screenshots on Twitter showing chat with the hacker who claims to have databases for many virtual websites, including top crypto-related sites such as Ledger, Trezor, KeepKey, Ethereum.org forum, and crypto payment processor Bitso. The databases include the particular personal information of users, including their names, email addresses, phone numbers, and physical addresses. However, he does not have passwords for these accounts.
The hacker is claiming to have customers’ info of Ledger (41,500 customers), Trezor (27,100 customers), and KeepKey (14,000 customers). Recently, he has also claimed to have full SQL data of a prominent investment company, Bank To The Future.
The Reaction of Ledger and Trezor
Both Ledger and Trezor reacted on Twitter over the hacker’s claim. Ledger states that its team is investigating, but currently, they have not found evidence of breaching. Ledger stated:
“Rumors pretend our Shopify database has been hacked through a Shopify exploit. Our ecommerce team is currently checking these allegations by analyzing the so-called hacked db, and so far it doesn’t match our real db. We continue investigations and are taking the matter seriously.”
Trezor says they are not working with Shopify, but their team is also investigating whether it is true or not. Trezor said:
“There are rumors spreading that our eshop database has been hacked thru a Shopify exploit. Our eshop does not use Shopify, but we are nonetheless investigating the situation. We’ve been also routinely purging old customer records from the database to minimize the possible impact.”
According to the Twitter post of cybercrime investigating team, the hacker is currently holding the databases for eighteen online platforms and exchanges. Two crypto tax firms are also included in the list.
He is currently demanding a big amount of money in return for users’ sensitive data as he says,” Don’t offer me low dollar, only big money allowed.”