Scammers Mail Fake Ledger Letters to Steal Your Crypto - Could Be Tied to 2020 Data Breach!

Phony Letters Demand Seed Phrases Under Guise of "Security Update"

Hold onto your hats, crypto fans! Scammers are now sending snail mail to Ledger hardware wallet users, pretending to be the company itself, in a wild new twist to steal those precious wallet seed phrases. And guess what? This scam might be connected to that massive Ledger data breach back in 2020!

Jacob Canfield just blew the whistle on X, showing off a slick photo of one of these bogus letters. This thing looks legit at first glance, decked out with Ledger's branding, their business address, and even a fancy reference number. But it's all a trap! The letter tells you to scan a QR code and spill your 24-word recovery phrase, claiming it's for some "critical security update." They even threaten that not playing along with their so-called "mandatory validation process" could lock you out of your crypto stash!

Breaking: New scam meta launched. Now they're sending physical letters to the @Ledger addresses database leak requesting an 'upgrade' due to a security risk.

Be very cautious and warn any friends or family that you know is in crypto and is not that savvy.

Ledger was quick to jump in and set the record straight in response to Canfield's post, saying, "Ledger will never ask for your 24-word recovery phrase. If someone does, it's a scam." You heard it straight from the horse's mouth, folks!

Canfield's got a hunch that these scam letters are tied to Ledger's infamous data breach from July 2020. Remember that? A sneaky hacker used an old API key to break into Ledger's e-commerce and marketing database, spilling the beans on around one million customer email addresses, plus names, phone numbers, shipping addresses, and details about what they bought.

We don't know for sure if Canfield's letter is directly linked to that 2020 breach, but BleepingComputer already spilled the tea that data from the breach has been used in all sorts of crypto phishing shenanigans, from fake emails to counterfeit hardware wallets and scam websites. Stay sharp out there, crypto warriors!