Part 3/13:

A central part of the discussion revolves around Ledger’s previous data breach — the exposure of customer information via a third-party API vulnerability. Matt explains that the breach involved an API key left accessible, which malicious actors exploited to access some customer records. Once the breach was identified, immediate steps were taken: fixing the API, notifying authorities, and informing impacted customers.

Discovering Broader Data Exposures: