VERDICT —UNRATED
Verdict pending. Auto-ingested incidents are reviewed before a public verdict is rendered.
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
On July 25, 2020, there was unauthorized access to Ledger's database, resulting in data leakage. The leaked data includes e-commerce and marketing data, but payment information and encrypted assets are safe. Ledger’s announcement claimed that the API Key was used to achieve unauthorized access to the database. Currently, the API Key has become invalid. Attack method (per SlowMist): Information Leakage. Reported loss: -.
Primary source
https://www.ledger.com/addressing-the-july-2020-e-commerce-and-marketing-data-breach ↗Sourced from
slowmist
Technical record
- chain
- —
- protocol
- Ledger
- bug_class
- access-control
- date_occurred
- 2020-07-25
- loss_usd
- —
- source_id
- sm:ledger::2020-07-25
Related — same bug class· access-control
2026-05-13
27d ago
ARB
access-control
$132.7K
AUDIT-CATCHABLE
2026-05-12
28d ago
ETH
access-control
$47.5K
UNRATED
2026-05-12
29d ago
—
access-control
$455.0K
UNRATED
2026-05-11
29d ago
POLY
access-control
$101.4K
AUDIT-CATCHABLE
2026-05-10
1mo ago
ARB
access-control
$209.0K
UNRATED
2026-05-10
1mo ago
ARB
access-control
$209.0K
UNRATED