Sensitive data leaked in Kroll cybersecurity breach

It appears that a data breach involving FTX bankruptcy claims agent Kroll has resulted in the leak of sensitive information, contrary to earlier reports.

In an alleged Kroll Q&A summary published on Aug. 30, FTX users’ email addresses, mailing addresses, account numbers, unique bankruptcy identifiers, account balances, phone numbers and other claim details were all reportedly breached in a cybersecurity incident that FTX revealed on Aug. 24.

Previously, FTX wrote that Kroll “experienced a cybersecurity incident that compromised non-sensitive customer data of certain claimants in the pending bankruptcy case.”

Immediately after the incident, FTX said account passwords were not maintained by Kroll and that the firm’s own systems, along with its digital assets, were not affected. A day later, the bankrupt exchange said it would temporarily freeze the accounts of affected customers within the claims portal.

According to the report, Kroll has since “contained and remediated” the incident. However, it warned that users should remain on “high alert” for “fraud and scam” attempts that appear legitimate via the stolen data. Shortly after the breach, multiple users began reporting phishing emails disguised as being from Kroll.

FTX had over 1 million users at the time of its bankruptcy filing last November. On Nov. 12, 2022, just one day after its bankruptcy announcement, FTX was hacked for nearly $400 million in an alleged inside job, sparking an investigation by the U.S. Department of Justice. The bankruptcy proceeding has come under fire for its length and cost, with over $32.5 million spent on legal fees in February alone.

Leave a Reply

Your email address will not be published. Required fields are marked *