- Ledger CEO Pascal Gauthier wrote a follow-up message to clients following the data breach event.
- Gauthier dismissed any possibility of a refund and said the firm will instead spend on improving its security standards.
- The company has hired a new chief information security officer, five months after the event took place.
Share this article
After a massive data breach, Ledger’s CEO Pascal Gauthier has written an open message to clients. In it, he advises users to keep their seed phrase in a bank vault.
Ledger Will Not Refund Customers
On social media, Ledger customers have demanded refunds saying the company has failed to maintain their assets’ security.
.@Ledger I want damages being paid for the grievance and total invasion of privacy we witness thank to your company’s wrongdoing.
Please DM me for arranging compensation in order to avoid a civil lawsuit.#SueLedger
— Kim de Vos (@kim0raku) December 21, 2020
CEO Gauthier dismissed the refunds, adding that the company should instead spend money on improving their products’ security standards.
Gauthier added that Ledger is further enhancing its data security by testing all of its systems, conducting another bug bounty, and spreading awareness of the ongoing phishing attacks.
“That’s precisely Ledger’s mission: we continuously invest to improve security standards. That’s also why we won’t be refunding customers like some have suggested,” Gauthier wrote.
Addressing the concerns about physical security threats of more than 270,000 affected Ledger customers, Gauthier said it is better to avoid self-custody of private keys.
The CEO said that if clients hold a large amount of money in cryptocurrency, it is better to store the private keys in a bank vault instead of keeping them at home.
“Do not keep your Recovery sheet in a safe at home. A bank vault is much more secure. Not having immediate access to your backup increases your resilience to physical threats,” Gauthier said in the message.
Ledger Is Hiring New Cybersecurity Team
Gauthier further announced that the company had hired a new Chief Information Security Officer (CISO) to improve security standards.
We’re trying to be as reactive as possible to ensure the situation doesn’t repeat itself. We have hired a new Chief Information Security Officer (CISO) and executed penetration tests & forensic analysis to test these and find additional vulnerabilities on our e-commerce systems.
— Ledger (@Ledger) December 22, 2020
The new CISO Matt Johnson is a former Group Chief Security Officer at the fintech company Ingenico and will be joining Ledger in January. Gauthier also said the company is looking for “world-class” security talent to support the new security leader.
However, Gauthier failed to explain why it took the company more than five months since the data breach to hire a data security officer.
Ledger Breach Vastly Underestimated, 270,000 Clients Data Leaked
Based in France, Ledger is the largest cryptocurrency hardware wallet company. Despite the firm’s reputation, it failed to secure its database containing the personal data of those customers, according to…
Bitcoin Wallet Provider Ledger Compromised Again by Malicious Phishing…
The famed hardware wallet manufacturer, Ledger, has suffered from a phishing attack. The event may be connected to a leak of the company’s customer data in July 2020. Ledger Users…
Bitcoin Wallet Ledger Joins DeFi Movement, Integrating DEX Platform De…
Ledger became the first hardware wallet integrated into DeversiFi, a decentralized exchange (DEX), marking Ledger’s move into the DeFi ecosystem. Ledger Enters the DeFi Arena Ledger, a leader in helping…