Update: Ledger already claims that the rumours are false. While we can all have our sighs of relief now, make this be a wake up call that it's heavily not recommended to be handing over personal information on a lot of websites. Always think twice when handing over personal information, especially on shady websites.
Yeah, but you can't call Shopify a shady website. They are well known for years and majority of users trust them with their data. Besides, if Ledger as a company use them to sell their devices, why would some user think of them as a shady website?
It is quite scary how a little database leak could lead to a huge chain of robberies involving potentially millions of USD, specifically if big names & their addresses are leaked. The worst part is, governments may require businesses to store customer details but a business doesn't always have a high level database security. In fact, I'd guess most of them don't.
If a government requires businesses to store customer data, then it should require some level of database security. If a business gets their customer's data stolen due to a database hack because of some unfixed security hole, then that business could to be blamed too.