My Hardware Wallet Was Physically Stolen — What Now?

Short answer

A stolen hardware wallet is not a crypto-loss event by itself — the device's secure element holds the key but requires the PIN to access it. After 3 wrong PIN attempts, the device wipes itself. If you have your seed phrase backup, you can restore funds to a new device immediately, and the thief gets nothing. The actual loss event is "stolen hardware wallet + thief knows your PIN or shoulder-surfed it." Mitigation: restore from seed to a new device, transfer funds to a fresh seed (the old seed is potentially compromised if the thief is sophisticated).

The realistic threat model

For a casual thief who finds your Ledger in a stolen backpack: useless. They don't know the PIN; 3 wrong tries wipes the device.

For a sophisticated attacker who knows you have crypto and stole the device specifically: more concerning. They may attempt side-channel attacks (decapsulation, voltage glitching, electromagnetic analysis). The 2018 Ledger Donjon paper documented some side-channel attacks against older Ledger models. The Trezor Safe 3 secure element is rated to resist these at "well-funded nation-state attacker" cost levels.

For a thief who watched you enter your PIN: the device is theirs. They can sign transactions immediately.

Immediate response to theft

Restore from seed phrase to a new hardware wallet immediately. The same seed reproduces the same addresses, so you can see your balances on the new device. Then — and this is critical — generate a fresh seed phrase, set up a new wallet, and transfer all funds from the old wallet to the new wallet.

Why transfer? If the old hardware wallet has been physically attacked by a sophisticated thief, the original seed phrase could have been extracted via side-channel. Moving to a fresh seed eliminates this risk. Cost: the gas fees for the transfer. Benefit: certainty.

What "compromised seed" looks like

If the thief had the device and your PIN: high probability seed is compromised.

If the thief had only the device (no PIN exposure): low probability for casual thief, medium probability for sophisticated attacker.

If the device was never out of your sight but stolen briefly: low probability.

For higher confidence in compromise: any sign that someone has been to your home, any unfamiliar transaction on the wallet, any pattern that suggests targeted theft.

Insurance and law enforcement

For US holders with substantial crypto losses to theft: file a police report (required for insurance claims), file an FBI IC3 complaint at ic3.gov. The hardware-wallet theft itself is rarely recoverable, but the documentation is needed if you carry a homeowner's policy that covers crypto (rare) or have a private crypto-theft insurance policy.

Most US homeowner policies do not cover crypto theft. Coincover and Lloyd's underwriters offer crypto-specific theft insurance, with annual premiums of 0.5-2% of insured value.

Prevention

Store the hardware wallet in a fireproof safe at home. Don't carry it in your daily backpack. For travel, the device can stay home — restore from seed phrase only if you actually need to sign while traveling.

Further reading: Hardware wallet, Secure element.