Ledger Incident Offers Lessons In Information SecurityPosted By Michael Goris
Earlier in 2020, cryptocurrency storage company Ledger experienced a major data breach. It has since been revealed that more than 1 million email addresses, plus around 272,000 names, mailing addresses, and phone numbers were exposed. Major lessons can be taken away from this incident.
For those unfamiliar with Ledger and the resulting incident, Ledger is a French company offering cryptocurrency "wallets" that are used to store electronic cryptocurrencies, such as Bitcoin, Ethereum, and more. These are actual physical devices that resemble something like a USB flash drive. In July 2020, it was revealed that Ledger customers had their personal data exposed by hackers. Initially, it was thought that only 9,500 individuals were impacted. But it has since been revealed that the number of those affected is significantly more staggering.
The fallout for Ledger has been severe. Since the incident, more than 170 phishing websites have been taken down to try and prevent more people from being victimized. The company has also hired a new Chief Information Security Officer in an effort to provide stronger security moving forward. And of course, Ledger has repeatedly apologized for the incident, and they are promising to take the security of their customers more seriously from here on out. Many individuals have since criticized Ledger, not just for allowing the data breach to take place, but also for holding onto this sensitive data in the first place.
At Alarm Grid, we take security very seriously. And while our main focus is on alarm monitoring services, stories involving digital security are also fascinating to us. The purpose of our post today isn't to attack or shame Ledger, but we do want to remind our readers to protect themselves whenever possible. While we often expect that the companies in-charge will do the heavy lifting for us, mistakes and incidents clearly happen, so take it upon yourself to keep your personal data safe.
For starters, use a VPN while browsing the internet to prevent outsiders from accessing your browsing history and personal information. And yes, that means using a legitimate VPN, not just "Incognito Mode" in Chrome. Second, when you do have to provide information to outside companies, do what you can to keep your information safe. Try using a disposable email address when shopping online instead of your personal or work email. For your address, consider getting a PO box, or use a mail forwarding service. You might also want to get a second phone number to manage two-factor authentication, or use an app to generate fake phone numbers. Finally, always make sure to use safe and secure passwords, and never share them across multiple websites.
If you have any questions about keeping your personal information safe, or if you are interested in starting new monitoring service to protect your home or business, please email us at firstname.lastname@example.org. Security is something we take very seriously, and we will be happy to help you. We are available from 9am to 8pm ET M-F. We look forward to hearing from you!