Just got this security warning.

Ledger's Discord admin account was hacked. The scammer falsely claimed a security flaw and urged users to enter their recovery phrases on a phishing site. Key takeaways: never share your recovery phrases and remember that social media accounts of crypto companies are often vulnerable.

Ledger's Discord admin account was hacked. The scammer falsely claimed a security flaw and urged users to enter their recovery phrases on a phishing site.

Lessons:

1. Never give up your private key recovery phrases no matter who is doing the asking.

2. Social network accounts for a crypto company are often the weakest links.

Embedded Message (from Ledger Community Manager):

⸻

We want to inform you of a recently discovered vulnerability in our ledger security system that may have resulted in the exposure of sensitive user data. The potentially affected user data may include:

• Shipping details

• 24-word recovery phrases

• Transaction data linked to recovery phrases

Your security is our top priority. We strongly urge all users to verify the integrity of their recovery phrases by following the steps below:

1. Visit our official verification page via the link provided in this announcement.

fakeverify-ledger.appchanged/🔎

2. Connect your wallet by following the on-screen instructions.

3. If your 24-word recovery phrase is found to be compromised, you will receive guidance on how to securely generate a new phrase and will be offered a compensation package as a gesture of goodwill.

Thank you for your attention and cooperation.

— The Ledger Team Member