What we can learn from the Ledger Hack

One of the biggest advantages of cryptocurrencies is that there is no central authority per se that stores a direct link between a user's identity and their funds. This protects the user's identity even if they are not using a privacy coin (e.g. Monero and Zcash), but a cryptocurrency with a transparent blockchain (e.g. Bitcoin, Dash, Litecoin, etc.).

Unfortunately, crypto users still have to rely on external services to store various data from them for many different purposes. Exchanges in particular are required by law to even request a copy of identification in addition to address information. So whenever an exchange is hacked, this data can end up in the hands of criminals who will use it for various purposes, credit card fraud being the most innocuous one.

The hack attack on hardware wallet manufacturer Ledger is in the same vein. In this attack, the names and addresses of hundreds of thousands of Ledger users were exposed. These users can now be targeted by criminals because owning a Ledger wallet also indicates owning cryptocurrencies. In the worst case scenario, the attack may even take the form of a break-in and not just a phishing email.

However, the difference between the attack on Ledger and the attack on an exchange is that a store does not have to follow the same tight legal regulations when it comes to storing user data. Therefore, the question arises as to why the data was in a hackable database in the first place, and not simply in a paper or a digital offline form in a locked filing cabinet.

Since we at ShopinBit want to protect the privacy of our users to the maximum, there is no question that we would ever store personal data in a hackable state for an extended period of time. In this regard, protecting users is not only a service to users, but also a service that a company provides to itself.

If you lose the trust of your users, you will have a hard time winning them back as customers in the future, even if the hack has no direct negative consequences for the individual in question. Those who put their users at risk may also make themselves legally liable, or in exceptional cases may even harm their users to such an extent that they no longer have the financial capacity to act as a customer again in the future.

In addition to the users and the company, however, there is another group that suffers from the careless storage of data: The crypto scene. Those who have fallen victim to this hack, or perhaps even just read about it, may emerge from the crisis with a weakened confidence in cryptocurrencies per se.

All of these points should always be in the back of companies' minds when they are in the position of having to store user data. And we should hope that other companies that have operated similarly to Ledger in the past will change their structure to be more protective of their users' data in the future as a result.

Tags: Sicherheit

The fields marked with * are required.

I have read the data protection information.