Ledger is the world’s best-selling hardware wallet brand, and for most users it represents a significant security upgrade over keeping funds on exchanges or in software wallets. But Ledger has faced real controversies — a major customer data breach in 2020, a supply-chain attack in 2023, and significant controversy over the Ledger Recover feature. Understanding these events accurately is essential to making an informed decision about whether Ledger is right for your security model.
This article gives you a complete, honest security analysis of Ledger’s hardware, software, and track record.
The Core Security Architecture
The Secure Element Chip
The foundation of Ledger’s security is the Secure Element (SE) chip. This is the same category of chip used in:
- EMV payment cards (Visa, Mastercard)
- Electronic passports
- SIM cards
- Government ID cards
Secure Elements are physically hardened chips designed to resist:
The Nano X and Nano S Plus use the ST33K1M5 Secure Element with CC EAL5+ certification. The newer Stax and Flex use a chip certified to CC EAL6+, a higher standard. For comparison, EAL6+ is the level required for smart cards used in national ID programs.
The Two-Chip Architecture
Ledger devices use two separate chips:
This separation is a key security feature. Even if an attacker compromises the MCU (which runs the display and USB/Bluetooth), they cannot access the private keys stored in the Secure Element without breaking the physical security of that chip.
The MCU and SE communicate over a secure internal channel. The SE verifies the MCU’s integrity on startup — if the MCU firmware has been tampered with, the SE detects this and alerts the user.
CC EAL5+ vs EAL6+: What Does It Actually Mean?
Common Criteria (CC) is an international standard for evaluating the security of information technology products. The Evaluation Assurance Level (EAL) scale runs from EAL1 (lowest) to EAL7 (highest).
| Level | Description | Common Use Cases |
|---|---|---|
| EAL1 | Functionally tested | Basic consumer electronics |
| EAL2 | Structurally tested | Some consumer security products |
| EAL3 | Methodically tested | Some banking systems |
| EAL4 | Methodically designed | Most payment cards |
| EAL5+ | Semi-formally designed and tested | Ledger Nano X/S Plus, passports |
| EAL6+ | Semi-formally verified design | Ledger Stax/Flex, some government ID systems |
| EAL7 | Formally verified | Military-grade systems |
The difference between EAL5+ and EAL6+ is meaningful — EAL6+ requires more rigorous formal verification of the chip design. However, EAL5+ is already far beyond what most consumer electronics achieve and represents genuine security against sophisticated physical attacks.
The 2020 Data Breach
In July 2020, Ledger’s e-commerce and marketing database was hacked. Approximately 272,000 customers had their full names, email addresses, phone numbers, and physical addresses exposed. Approximately 1 million email addresses were also leaked.
What was NOT exposed:
- Recovery phrases
- Private keys
- Funds
- Payment card details
- Passwords to Ledger accounts
The attack targeted Ledger’s marketing database, not the hardware devices themselves, the blockchain, or any cryptographic material. No one lost crypto as a direct result of this breach.
What followed: Ledger customers were subjected to extensive and sophisticated phishing attacks. Criminals sent physical letters to home addresses claiming to be from Ledger and requesting recovery phrases. Emails mimicked Ledger’s branding to trick users into entering their seed phrase on fake websites.
Key lesson: The hardware was never compromised. But the data breach created a long-lasting phishing threat for affected customers. If you were a Ledger customer before 2020, you remain at higher phishing risk and should remain vigilant.
The 2023 Ledger Connect Kit Attack
In December 2023, an attacker compromised the npm package for Ledger Connect Kit — a JavaScript library used by many DeFi websites to connect to Ledger devices via WalletConnect. The attacker injected malicious code that prompted users to enter their seed phrases via a fake modal window.
What was compromised: The DApp/browser layer — the JavaScript running on websites
What was NOT compromised: The Ledger hardware device, firmware, or Secure Element
The attack affected users of several DeFi protocols including SushiSwap and others for a window of approximately 5 hours before Ledger patched the malicious package. Ledger estimated around $600,000 in crypto was stolen from users who entered their seed phrases into the fake prompt.
Key lesson: This was a software supply-chain attack on the web layer, not on Ledger hardware. The fundamental security model of the hardware device was not broken. However, the attack demonstrated the risk of connecting hardware wallets to web-based DApps — you are trusting not just the hardware, but the entire web stack. Never enter your seed phrase in any web interface, regardless of how legitimate it looks.
The Ledger Recover Controversy (2023)
In May 2023, Ledger announced Ledger Recover — a paid subscription service that splits your seed phrase into three encrypted fragments using Shamir’s Secret Sharing and stores each with a different custodial company.
This announcement created significant backlash for one specific reason: it revealed that Ledger’s firmware is capable of extracting the seed phrase from the Secure Element and transmitting it over the internet — something many users had assumed was architecturally impossible.
Ledger’s position: Ledger Recover is opt-in and requires explicit user consent. The Secure Element still protects keys; Recover simply uses an existing capability to encrypt and export the seed when the user requests it.
Critics’ position: The existence of this capability means users must trust that Ledger will not enable it without consent, or that a rogue firmware update (or government compulsion) could not force-enable it. This contradicts the previous assurances from Ledger that keys could “never leave the device.”
The security reality: Ledger Recover does represent a change in the security assumptions for Ledger devices. Users who need absolute certainty that their keys can never be exported over the internet now have a legitimate reason to reconsider. Users comfortable trusting Ledger’s implementation are not at additional risk from Recover if they do not subscribe.
For a complete analysis of Ledger Recover, see our dedicated guide.
Open Source Status
Ledger’s Secure Element firmware is partially closed source — Ledger cites NDA requirements with the chip manufacturer (ST Microelectronics) as the reason. The Ledger OS (BOLOS) and app source code are publicly available on GitHub.
This partial closed-source approach means independent security researchers cannot fully audit the firmware running on the Secure Element. In contrast, Trezor’s entire firmware is open source.
Ledger has conducted security audits with third-party firms, but these are not always fully published. This is a genuine limitation compared to fully open-source alternatives.
Comparison vs Competitors
| Security Feature | Ledger Nano X | Ledger Stax | Trezor Safe 3 | Trezor Safe 5 |
|---|---|---|---|---|
| Secure Element | Yes (EAL5+) | Yes (EAL6+) | Yes (EAL6+) | Yes (EAL6+) |
| Open source firmware | Partial | Partial | Full | Full |
| Air-gapped option | No | No | No | No |
| Passphrase support | Yes | Yes | Yes | Yes |
| Supply chain verification | Genuine check | Genuine check | Genuine check | Genuine check |
| Screen for address verification | Yes | Yes | Yes | Yes |
Trezor’s fully open-source firmware is a meaningful advantage for security purists. Ledger’s Secure Element design provides stronger physical security against hardware extraction attacks. Neither is objectively “safer” for every user — it depends on your threat model.
Practical Security Verdict
For the overwhelming majority of crypto users, Ledger hardware wallets represent an excellent and appropriate security choice. The hardware security model — with a Secure Element, physical button confirmation, and address verification on the device screen — protects against the most common real-world threats: phishing, malware, exchange hacks, and software vulnerabilities.
The real risks to Ledger users have not come from hardware compromises but from:
In every case, the hardware itself was not the vulnerability — social engineering and user behaviour were. This is actually an argument for Ledger’s hardware being sound: attackers bypass it rather than break it.
Bottom line: Ledger is safe hardware. The threats to Ledger users come from the software and social engineering layers, not from flaws in the Secure Element or the device’s cryptographic implementation.
Frequently Asked Questions
Q: Has anyone ever had their crypto stolen directly through a Ledger hardware exploit?
There are no publicly documented cases of funds being stolen through a direct exploit of Ledger’s Secure Element or core hardware design. Thefts from Ledger users have involved phishing, social engineering, and users voluntarily revealing seed phrases.
Q: Should I be worried about the 2020 data breach?
If you were a Ledger customer before the breach, remain vigilant about phishing. Your funds were never at risk from the breach itself — only your personal contact information was exposed.
Q: Is Ledger’s Secure Element truly unbreakable?
No hardware is truly unbreakable with unlimited time and resources. The CC EAL5+/EAL6+ certification means it is extremely resistant to state-of-the-art physical attacks, but academic researchers have demonstrated theoretical vulnerabilities in older Secure Element designs. In practice, practical attacks on modern certified Secure Elements are extremely sophisticated and not accessible to everyday criminals.
Q: Should I be concerned that Ledger’s firmware can extract my seed?
This is a legitimate concern raised by the Ledger Recover announcement. If this is a major concern for you, Trezor’s fully open-source firmware and architecture may better match your threat model.
Q: Is it safer to buy a Ledger directly from Ledger’s website?
Yes — always buy directly from ledger.com or authorised resellers. A device purchased second-hand or from an unauthorised seller may have been tampered with.
Q: Can government authorities compel Ledger to access my funds?
With standard setup (no Ledger Recover subscription), your funds are not accessible to Ledger or any third party. The keys exist only on your device and in your recovery phrase backup. With Ledger Recover enabled, fragments of your seed are held by third parties and could theoretically be subject to legal compulsion.
Related guides:
Leave a Reply