Key Takeaways

  • Ledger CEO Pascal Gauthier wrote a follow-up message to clients following the data breach event. 
  • Gauthier dismissed any possibility of a refund and said the firm will instead spend on improving its security standards.
  • The company has hired a new chief information security officer, five months after the event took place.

Share this article

After a massive data breach, Ledger’s CEO Pascal Gauthier has written an open message to clients. In it, he advises users to keep their seed phrase in a bank vault.

Ledger Will Not Refund Customers

On social media, Ledger customers have demanded refunds saying the company has failed to maintain their assets’ security.

CEO Gauthier dismissed the refunds, adding that the company should instead spend money on improving their products’ security standards.

Gauthier added that Ledger is further enhancing its data security by testing all of its systems, conducting another bug bounty, and spreading awareness of the ongoing phishing attacks.

“That’s precisely Ledger’s mission: we continuously invest to improve security standards. That’s also why we won’t be refunding customers like some have suggested,” Gauthier wrote.

Addressing the concerns about physical security threats of more than 270,000 affected Ledger customers, Gauthier said it is better to avoid self-custody of private keys

The CEO said that if clients hold a large amount of money in cryptocurrency, it is better to store the private keys in a bank vault instead of keeping them at home.

“Do not keep your Recovery sheet in a safe at home. A bank vault is much more secure. Not having immediate access to your backup increases your resilience to physical threats,” Gauthier said in the message.

Ledger Is Hiring New Cybersecurity Team

Gauthier further announced that the company had hired a new Chief Information Security Officer (CISO) to improve security standards.

The new CISO Matt Johnson is a former Group Chief Security Officer at the fintech company Ingenico and will be joining Ledger in January. Gauthier also said the company is looking for “world-class” security talent to support the new security leader. 

However, Gauthier failed to explain why it took the company more than five months since the data breach to hire a data security officer.

Share this article


Please enter your comment!
Please enter your name here