Class action lawsuit filed against crypto wallet firm Ledger, Shopify over 2020 customer data breach

Ledger and Shopify, which handle the online sales of the Ledger wallets, have been hit by a class action lawsuit over last year’s data breach.

Ledger produces some of the most popular cold wallets on the market.

In the summer of 2020, news of phishing attacks against Ledger users spread. The company eventually announced that it had suffered a data breach in June that compromised customer contact and order information. In December, a database of personal information for more than a quarter of a million Ledger customers was launched.

Ledger and Shopify eventually identified a fraudulent Shopify employee as responsible for the leak, but not before some users reported threats from home invasion and other scareware tactics. At that time, Ledger CEO Pascal Gauthier took to Twitter to reassure users that their hardware wallets hadn’t been compromised and that their funds were safe. Nevertheless, discussions about the initiation of a class action proceeding soon began.

The lawsuit, which was first filed in response to the information leak, came from the law firm Roche Freedman, which filed the complaint in a San Francisco court on April 6. The firm is known for its class action lawsuits against crypto firms like Binance, Tron and iFinex, the parent company of Tether and Bitfinex. Last week, Roche Freedman filed a lawsuit on behalf of a customer of Nexo, as reported by Law360.

Regarding the ledger violation, law firm partner Kyle Roche told The Block, “We have been investigating this since the day it was published. This investigation involved talking to experts in data security and cryptocurrency.”

In a statement, Ledger General Counsel Antoine Thibault said: “Ledger does not comment on ongoing legal issues. However, Ledger would like to take this moment to remind our customers to never reveal their 24 words and to confirm the recipient’s identity.” You have sole and complete control over access to your funds. “

The case will depend on who is responsible for what. Ledger’s wallets themselves have not been compromised, but the complaint includes the security of the Shopify service as part of Ledger’s duty to customers. As noted in the complaint: “[b]When Ledger is involved in crypto-asset security, it stands between the user’s funds and potential hackers. Client list anonymity is an essential and obvious element of the security Ledger provides. ”

At the heart of delegating responsibility is what Ledger and Shopify knew and how quickly they conveyed that information to users. Roche told The Block: “The case is remarkable as two very large and sophisticated companies that handle sensitive information need to explain why it took them so long to warn their customers about such a terrible and extremely harmful incident . “

The current complaint does not state how much relief is sought for the class, but rather the “[m]Controversial “valued at over $ 5 million. Currently, the complaint only relates to two Ledger users directly who lost a total of 4.2 BTC, 11 ETH and 150,000 XLM to phishing attacks. At today’s prices add up These stocks were $ 340,000, but were worth significantly less at the time of the attacks.

A copy of the complaint can be found below:

Ledger Shopify complaint from MichaelPatrickMcSweeney on Scribd

© 2021 The Block Crypto, Inc. All rights reserved. This article is for informational purposes only. It is not offered or used as legal, tax, investment, financial or other advice.

Comments are closed.