The company that manufactures hardware devices for storing cryptocurrencies confirmed that it had nothing to do with these communications.
Wallet Ledger owners began receiving paper letters from scammers asking them to reveal their seed phrase (the secret phrase for accessing assets) 'for security reasons'. The letters were made as if they were official notifications from the company. The hardware wallet manufacturer confirmed that this was a fraudulent scheme.
The scam was reported by trader Jacob Canfield, who posted a photo of a letter with the Ledger logo on X. The letter asked the recipient to complete a "mandatory wallet verification" and scan a QR code to enter the seed phrase.
"Failure to perform this mandatory verification process could result in restricted access to the wallet and funds," the letter reads.
Breaking: New scam meta launched. Now they're sending physical letters to the @Ledger addresses database leak requesting an 'upgrade' due to a security risk.
- Jacob Canfield (@JacobCanfield) April 28, 2025
Be very cautious and warn any friends or family that you know is in crypto and is not that savvy. pic.twitter.com/XoUAGQBJXt
In response to Canfield's message, Ledger confirmed that the letters are fraudulent. The company recalled that it never calls, does not write private messages and never asks for the secret phrase to restore a wallet.
According to the trader, the home addresses of the wallet holders were obtained by the scammers due to a data breach. In 2020, the company reported that the data of more than 270,000 wallet buyers had been compromised, including delivery addresses, phone numbers and email addresses. It was also reported that, after the incident, the personal information of 4,865 Russian users had been made public.
Ledger did not explain how the attackers obtained the users' addresses, nor did it confirm Canfield's claim that the source of the information for the fraudsters was a data leak.
Ledger faced a security crisis: $600.000 and abduction of co-founder shake crypto community
In December 2023, the Ledger Connect Kit code library, used for authorisation by many large crypto services, was hacked, and the attacker managed to withdraw funds from users' wallets. According to Ledger, users lost around $600,000 as a result of the incident, and the company has pledged to pay damages.
In January this year, Ledger co-founder David Balland was kidnapped from his home in France. The attackers took him away in a car and held him at another location, demanding a ransom in cryptocurrency. The day after the kidnapping, police, together with special forces, freed Balland.
These consecutive events have intensified the focus on both cybersecurity and physical security in the crypto sector. Although / has pledged to reimburse affected users and strengthen its infrastructure, confidence in hardware wallet providers has been shaken. The kidnapping of a high-profile executive further highlights the real dangers associated with digital assets. As the crypto sector continues to grow, these events are a clear warning: protecting assets requires vigilance on both the digital and personal fronts. The industry must now prioritise not only innovation, but also resilience and security at all levels.
