Crypto users sue e-commerce firm Shopify over Ledger data breach

Shopify, global e-commerce platform, and Ledger, a crypto hardware wallet, are both facing legal challenges. Recently, a group of ledger users filed a class-action lawsuit against the firms alleging that the companies failed to take reasonable precautions to avoid a data breach that compromised personal information and Bitcoin holdings.

On April 1, ledger users filed a class-action lawsuit in the United States District Court for the District of Delaware. As per multiple media reports the users claimed that Shopify "repeatedly and severely failed to protect its clients' identities."

Users have also filed a lawsuit against Shopify Inc's data consultancy service TaskUs. Users are holding TaskUs accountable for disclosing personally identifiable information (PII) of Ledger users.

Shopify uses TaskUs to enable customer support for its users.

According to the complaint, France-based hardware wallet, Ledger is also named as a defendant in the case for compromising the customer data. Ledger has been using Shopify to manage its online store and Shopify had direct access to the PII of customers on Ledger's database.

Hardware wallets are referred to as cold wallets and they function to provide additional security to users' private keys, which enable users to sign and confirm transactions. Hardware wallets are important for individuals trying to purchase, sell, and trade cryptocurrencies as it provides added security.

This isn't the first time data being compromised on a hardware wallet, In 2020 Ledger suffered a data breach when email addresses belonging to several users of the cryptocurrency wallet were leaked online. The firm claimed the hackers had accessed its e-commerce and marketing database through an API key. Recently, hackers used Trezor, a crypto hardware wallet firm's mailing list to send out false data breach notices to crypto wallet users.