Incident Overview

A threat actor using the handle "ShiJiayi" claims to be selling customer order data allegedly belonging to Ledger, a cryptocurrency hardware wallet company. The compromised data reportedly originates from a breach at Global-e, a third-party e-commerce and order processing provider used by Ledger. According to Ledger's official statement, Global-e experienced a security incident on January 12, 2026.

• Official Statement: Ledger references the Global-e incident at https://support.ledger.com/article/Global-e-Incident-to-Order-Data---January-2026
• Third-Party Breach: Data allegedly obtained from Global-e, not directly from Ledger
• Total Records: Slightly over 50,000 records
• Data Contents: Order information and email addresses (every line contains these)
• Partial Data: Not all lines contain phone numbers, names, or country information
• Email Addresses: Customer email addresses
• Phone Numbers: Customer phone numbers (where available)
• Names: Customer names (where available)
• Country Information: Customer country data (where available)
• Order Information: Details related to customer orders
• Pricing: 1 BTC (price is not firm and negotiable)
• Conditions: Serious offers only with Proof of Funds or from past clients
• Sample Data: Available (shown in screenshot but blurred)
• Contact Requirement: Telegram or Signal contact required for serious buyers