Ledger’s data leak, what to do?

Dear users, yesterday 21 December 2020, Ledger company communicated through his blog that their data related to a security breach that occurred was leaked on a forum. One million of user data has been made available to the public. 

The data affected are mainly emails however, in some cases, the attackers were able to obtain names, surnames, home addresses and telephone numbers.

The years of experience that have enabled us to become the longest-running crypto exchange in Europe, have meant that we have developed various countermeasures to ensure the security of your accounts.

As mentioned, the data affected are:

  • E-mail
  • Name and surname
  • Home address
  • Telephone number

None of this data is directly capable of compromising the integrity of your account at The Rock Trading, as:

  • Email, we are among the very few who do not use email for access, but rather username, this makes it useless for attackers just to know an email address to try to access your account.
  • Name and surname, no direct or indirect impact to the security of your The Rock Trading account.
  • Address, also in this case no direct or indirect impact to the security of your The Rock Trading account.
  • Telephone number, not relevant for The Rock Trading since it is not used in any case and not even for two-factor authentication (2FA), so even in this case a possible sim swapping would not lead to results that would easily impact the account security.

The solutions we apply, such as using the username instead of the email and external applications for 2FA instead of the telephone number, make sure that when these unpleasant incidents occur, the accounts of our users remain safe. 

It should be remembered, however, that email addresses and phone numbers in possession of malicious people can lead to attempts of phishing attacks. We strongly advise you, in any case, to activate always and everywhere (especially on exchange’s accounts and on email inboxes) security measures of “strong authentication” such as two-factor authentication.

Phishing attacks are used to steal information from victims through deceptions, which are often fake emails asking for passwords and data, or messages inviting to visit malicious sites or install malicious software. 

So apart from the fact that we at The Rock Trading keep the infrastructure as secure as possible, it is always essential for users to pay the utmost attention to emails and messages in order to avoid any possible damage. 

In conclusion, there is no need to take any further action to keep your The Rock Trading account secure; however, we would like to invite you to activate the two factor authentication and withdrawal PIN (security measures that you can find in the Settings, under “Security”), as well as remind you that The Rock Trading will never ask you for your password neither personal information via email/Telegram group nor social media. Any and all the customer support activity is handled only through our ticketing system and by our official staff.