A data breach involving FTX’s bankruptcy claims agent, Kroll, has exposed sensitive information, contradicting previous reports.
According to the alleged Kroll Q&A summary released on August 30, the breach compromised FTX users’ email addresses, mailing addresses, account numbers, unique bankruptcy identifiers, account balances, phone numbers, and other claim details. This contrasts with FTX’s earlier statement on August 24, which referred to the breach as involving non-sensitive customer data of certain claimants in the ongoing bankruptcy case.
Kroll Data Leak Urgent
Kroll email (25 Aug) saying that name, address, email address, and the balance in FTX account was leaked
On Kroll’s Q&A they state the information leaked is the above +
FTX account no., Unique ID and Phone numbers
Creditors Please be Safe pic.twitter.com/HaYhttZLAs
— Sunil (FTX Creditor Champion) (@sunil_trades) August 30, 2023
FTX clarified initially that Kroll didn’t store account passwords, and their internal systems and digital assets remained unaffected. However, the exchange decided to temporarily freeze the accounts of impacted customers within the claims portal.
Kroll has reportedly “contained and remediated” the incident, but they cautioned users to stay vigilant against fraudulent attempts using stolen data. Following the breach, several users reported receiving phishing emails disguised as communications from Kroll.
New rounds of phishing attacks already underway for the poor users of FTX, BlockFi, Genesis, as a result of the Kroll data leak, which seems to be a result of a SIM swap on an employee.🤷♂️
— CZ 🔶 Binance (@cz_binance) August 27, 2023
FTX had over a million users at its November bankruptcy filing. Just a day after announcing bankruptcy, FTX suffered a nearly $400 million hack in what’s alleged to be an inside job, prompting a U.S. Department of Justice investigation. The prolonged and expensive bankruptcy proceedings have raised concerns, with February alone seeing legal fees exceeding $32.5 million.