Cybersecurity company Under The Breach has announced that it has identified an ad for the sale of stolen data from three popular hardware wallets. The hacker claims to sell information from users of Treasure, Ledger and KeepKey from Shapeshift.
The Ethereum forum hacker is now selling the databases of @Trezor and @Ledger.
Both of which obtained from a @Shopify exploits.
(suggesting there are many more underground leaks).The hacker also claims he has the full SQL database of famous investing site @BankToTheFuture. pic.twitter.com/4M3f2bQKvB
– Under the Breach (@underthebreach) May 24, 2020
The announcement claims that the data was stolen by exploiting a vulnerability of the e-commerce site Shopify. The hacker posted screenshots that include the names, addresses, phone numbers and emails of users available for sale, but without including passwords.
Ledger and Treasury are investigating the situation
Ledger and Treasury said they were investigating the situation, and Shopify said it had not identified any vulnerabilities or signs that the platform had been compromised. In addition, Trezor claims that it does not collaborate with Shopify, which indicates that the data would not come from them.
Security in the crypto space – How we protect our cryptocurrencies!
Images released by cybersecurity firm Under The Breach show that the hacker also claims to have a complete SQL database for the BnkToTheFuture investment platform.