According to an online monitoring web portal called, Under the Breach, a hacker is purportedly trying to sell customer information that stems from companies like Keepkey, Trezor, Ledger, and even the investment platform Bnktothefuture. The hacker doesn’t seem to have any passwords, but is offering detailed information that was stolen from an alleged Shopify breach like email addresses, home addresses, and phone numbers.
The cybercrime resource known as Under the Breach has disclosed that customers who have purchased products using Shopify and purchased items from companies like Ledger, Trezor, Keepkey, and even Bnktothefuture may have had their identities leaked.
The hacker is said to be the same person that attacked the forum Ethereum.org and he claims to have a massive cache of customer information.
Both of which obtained from a @Shopify exploit.
(suggesting there are many more underground leaks).
— Under the Breach (@underthebreach) May 24, 2020
Under the Breach documents show that the hacker has three large databases with information pertaining to an alleged 80,000 customers. This includes the customer’s email address, name, phone number, residential address, and other pieces of data.
The databases from Shopify are allegedly tied to Ledger, Trezor, and Keepkey. However, on May 24, 2020, the firm Ledger addressed the Shopify discussion and called it a “rumor.”
“Rumors pretend our Shopify database has been hacked through a Shopify exploit,” Ledger tweeted. “Our ecommerce team is currently checking these allegations by analyzing the so-called hacked DB, and so far it doesn’t match our real [database] DB. We continue investigations and are taking the matter seriously.”
The company that manufactures Trezor hardware wallets has also denied the situation. Trezor’s official Twitter account stated:
There are rumors spreading that our eshop database has been hacked through a Shopify exploit. Our eshop does not use Shopify, but we are nonetheless investigating the situation. We’ve been also routinely purging old customer records from the database to minimize the possible impact.
The information provided by Under the Breach shows that there are no passwords available and only identity information per request. Allegedly, the hacker also breached the Bnktothefuture SQL database and scooped up identity information from that investment platform as well.
News.Bitcoin.com also spoke with a Shopify representative and the company said: “We investigated these claims and found no evidence to substantiate them, and no evidence of any compromise of Shopify’s systems.”
The hacker has a number of dubious claims and supposedly has the databases for close to 20 crypto exchanges worldwide. No one can confirm whether or not the hacker really does have these databases, and so far it seems to be merely hearsay. The individual also has told the public he hacked two digital currency tax companies and is planning to sell that data as well.
What do you think about this so-called hacker? Let us know in the comments below.
Image Credits: Shutterstock, Pixabay, Wiki Commons, Under the Breach, Twitter
Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.