The cryptocurrency wallet Ledger wrote an article that its marketing and e-commerce databases suffered data breaches at the end of June. However, users’ payment information and encrypted assets have not been affected, and the vulnerabilities have been fixed. Ledger stated that the vulnerability was reported by a researcher who participated in the bounty program on July 14. After fixing the vulnerability, Ledger launched an investigation and found that the vulnerability had been exploited by a third party on June 25, including the company’s marketing and e-commerce database was also compromised. After accessing the database’s API key, Was disabled. The database includes the e-mail addresses of about 1 million customers. In addition, the first name, last name, and phone number of some customers have also been leaked. At present, Ledger has not found these data for sale on the Internet.