coin-img-ETHETH+1.68%coin-img-BTCBTC+2.37%coin-img-SOLSOL+1.61%coin-img-USDCUSDC-0.01%coin-img-BENZBENZ+20,133.33%coin-img-COOCOO-2.84%coin-img-ULTIMAULTIMA+5.64%coin-img-XRPXRP+1.09%coin-img-ETHETH+1.68%coin-img-BTCBTC+2.37%coin-img-SOLSOL+1.61%coin-img-USDCUSDC-0.01%coin-img-BENZBENZ+20,133.33%coin-img-COOCOO-2.84%coin-img-ULTIMAULTIMA+5.64%coin-img-XRPXRP+1.09%coin-img-ETHETH+1.68%coin-img-BTCBTC+2.37%coin-img-SOLSOL+1.61%coin-img-USDCUSDC-0.01%coin-img-BENZBENZ+20,133.33%coin-img-COOCOO-2.84%coin-img-ULTIMAULTIMA+5.64%coin-img-XRPXRP+1.09%coin-img-ETHETH+1.68%coin-img-BTCBTC+2.37%coin-img-SOLSOL+1.61%coin-img-USDCUSDC-0.01%coin-img-BENZBENZ+20,133.33%coin-img-COOCOO-2.84%coin-img-ULTIMAULTIMA+5.64%coin-img-XRPXRP+1.09%

Kraken Says Insider Access Drove Extortion Threats; No Hack or Client Fund Risk

Kraken disclosed an extortion attempt tied to two incidents in which individuals gained unauthorized access to a limited set of internal support systems. The exchange said there was no breach of its infrastructure, core systems were not compromised, and client funds were never at risk. In a security update, Kraken said a criminal group has threatened to publish videos that it claims show internal systems containing client information unless the company meets its demands. Kraken said it will not engage or pay. Kraken attributed both incidents to insider access involving members of its support team, not external attackers. The first incident dates to February 2025, when the company received a tip about a video circulating on a criminal forum. Kraken said it identified the employee involved, revoked access, and opened an internal investigation. A second similar incident was identified more recently after another tip and video. Kraken said it again revoked access, moved to terminate the individuals' access, and notified affected users. The exchange said the activity was limited to customer support data, with about 2,000 accounts potentially viewed, roughly 0.02% of its user base. Kraken said only a "very small number" of clients were affected and those users have already been notified. Kraken said extortion demands began shortly after access was revoked. The group claimed it would release materials from both incidents to media outlets and on social platforms if the exchange did not comply. Kraken said it rejected the demands and "will not ever negotiate with bad actors." Kraken added that it is working with law enforcement across multiple jurisdictions and believes there is sufficient evidence to identify those responsible. The company also pointed to a broader rise in insider recruitment efforts, saying the trend is affecting not only crypto firms but also companies in gaming and telecommunications. Final Summary: Kraken said no breach occurred despite an extortion attempt linked to insider access that may have exposed support data tied to about 2,000 accounts. Core systems and funds remained secure, while the case underscores growing insider recruitment risks.
Selected
Disclaimer: The content above is only the author's opinion and does not represent BingX’s stance. It shall not be construed as investment advice from BingX. For details, refer to the Terms and Conditions.