Shopify is on trial, Trezor examines data protection violation

05. April 2022

Sophie Müller

Artikel als PDF

Kommentare

Diesen Artikel teilen:

The e-commerce platform Shopify and the hardware wallet manufacturer Ledger are faced with a major legal hurdle, since a group of Ledger users have submitted a collective action for a collective action because of their failure to prevent a massive data protection violation in 2020.
Trezor, provider of cryptocurrency hardware walls, initiated an investigation into a potential data protection injury that could have compromised the email addresses of customers and the personal data of other users.

The e-commerce giant Shopify, which also sells Cold Wallets for cryptocurrencies, faces a lawsuit by Ledger users. Cold wallets are physical devices that help increase safety when storing crypto-assets. The lawsuit was submitted to the US district court in Delaware on April 1st and claimed that Shopify had "repeatedly and seriously failed to protect the identity of its customers".

also read: nuvei cooperates with Ledger to offer millions of users direct crypto-on-ramp

Details of the lawsuit

Shopify and his external data consultant Taskus bear the full responsibility for seeping through the personal data (PII) of the user. According to the plaintiffs, Shopify and Taskus knew about the leak and hid this information for a week.

The public prosecutor currently calls for the disclosure of the type of data loss and financial compensation for physical and intangible damage. The complaint said:

Despite the repeated promises and the global advertising campaign, which promotes unsurpassed security for his customers, Ledger-and his data processing providers Shopify and Taskus-repeatedly and thoroughly protected the identities of its customers, which caused targeted attacks on the crrypto assets from thousands of customers and what leads to class members than gave them far less security that they were at risk that they did not take them. they would have bought them with their Ledger money exchanges.

Ledger reported that

reported that they would have personal data through customers through, but soon admitted that he had compromised Pii. Ledger used Shopify to start his online shop. As a result of this symbiosis, Taskus and Shopify gave access to the personal data of Ledger customers.

Hackers were reported to steal personal information from around 272,000 Ledger customers and more than a million email addresses from Ledger Newsletter subscribers, which led to a global phishing campaign.

Trezor examines a massive data protection injury

Another manufacturer of Cold Wallets was associated with allegations of having disclosed personal data from customers. The hardware wallet team from Trezor reported a leak of personal customer data on the side of the Mailchimp platform, through which the company carries out marketing newsletter. The attacker used user information in the event of a phishing attack. Trezor customers received an email in which they were asked to update the software of their devices. The emails came from Trezor.us (during the official domain of trezor.io). Representative of Trezor wrote;

MailChimp has confirmed that her service was compromised by an insider who aims at crypto companies. We managed to switch the phishing domain offline offline. We try to determine how many email addresses are affected.

Trezor refused to send marketing emails until the situation was solved. Users were advised not to open any emails that were allegedly sent on behalf of the company.

We will not communicate via newsletter until the situation has been clarified.
Until further notice, do not open any emails that apparently come from Trezor. Please make sure that you use anonymous email addresses for Bitcoin-related activities. 2/

- Trezor (@Trezor) 3. April 2022

Source: Crypto-news-flash.com