Another Lawsuit Has Been Filed Against Shopify By Cryptocurrency Holders Over The Ledger Data Breach
Shopify and Ledger, a hardware wallet maker, are facing a huge legal challenge after a group of Ledger customers filed a class-action lawsuit accusing them of failing to prevent a massive data breach in 2020.
The lawsuit, which was filed on April 1 in the United States District Court for the District of Delaware, claims that Shopify “repeatedly and severely failed to protect its clients’ identities.”
Despite marketing assurances ensuring the absolute security of the Shopify platform, complainants are holding Shopify and its third-party data consultancy TaskUs accountable for disclosing personally identifying information (PII) of Ledger purchasers.
According to the plaintiffs, Shopify and TaskUs were aware of the data breach for more than a week before informing customers. They want Ledger and Shopify to provide the exact type of information that was released, as well as a monetary reward that covers both real and punitive damages.
France-based Ledger is also included as a defendant in the case for its marketing claims promising customer security. The complaint states that Ledger “initially denied that any compromise of PII had occurred,” but later had to backtrack and refer to the leak and to Shopify in an email notification. The complaint stated:
“Despite the repeated promises and worldwide advertising campaign touting unmatched security for its customers, Ledger—and its data processing vendors, Shopify and TaskUs—repeatedly and profoundly failed to protect its customers’ identities, causing targeted attacks on thousands of customers’ crypto-assets and causing Class members to receive far less security than they thought they had purchased with their Ledger Wallets.”
Hardware wallets, otherwise known as cold wallets, are physical devices that provide crypto users with added security for their private keys and seed phrases. They are marketed to be more secure than hot wallets.
As the complaint alleges, Ledger used Shopify to run its website’s online store
As a result of that relationship, Shopify had direct access to the PII of customers on Ledger’s database. Shopify uses TaskUs to provide customer support services, and therefore it also had access to Ledger’s customer data.
Hackers made off with personal information from about 272,000 Ledger users and over 1 million email subscribers to Ledger’s newsletter in 2020. A massive phishing and intimidation campaign targeting Ledger owners followed resulting in some victims losing crypto assets.
This isn’t the first time a class-action lawsuit has been brought against Ledger and Shopify as a result of the data leak. A different set of complainants filed suit in California in April 2021. In that case, Shopify and Ledger were accused of “negligently allowing, recklessly ignoring, and then willfully seeking to cover up” claims similar to those stated in the new Delaware filing.
Trezor, a hardware wallet maker, was the target of a phishing attempt on April 2 that used the MailChimp marketing service provider to target its users. Trezor said there had been a data breach in a tweet on April 3. Users were notified that the company would no longer communicate through newsletter and that three of its domains will be shut down.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join CoinCu Telegram to keep track of news: https://t.me/coincunews