BNB -0.45%
$601.25
BTC -0.90%
$68,335.53
DOGE -2.30%
$0.16
ETH -0.91%
$3,897.28
PEPE -1.81%
$0.000016
XRP -0.38%
$0.53
SHIB 2.78%
$0.000026
SOL 1.73%
$171.37
$DOGEVERSE
presale is live

Cybersecurity Breach at Kroll Affects FTX and BlockFi Claimants’ Data

Fredrik Vold
Last updated: | 1 min read
Source: Shutterstock

A cybersecurity breach at FTX’s bankruptcy claims agent Kroll has compromised user data from both FTX and the bankrupt crypto lender BlockFi.

The compromised data consisted only of “non-sensitive” customer information, FTX said on X on Thursday, stressing that account passwords were not stored on Kroll’s servers.

The bankrupt exchange added that its own systems have not been affected by any security breach.

“Please remain on high alert for attempted fraud and scam emails impersonating parties in the bankruptcy,” FTX said.

No action required for BlockFi customers

A similar message was also shared by BlockFi on X the same day.

“To be clear, BlockFi’s internal systems and client funds were not impacted. We can also confirm that BlockFi account passwords were never stored on Kroll’s platform,” the statement from BlockFi said.

It added that BlockFi account holders do not need to perform any action on their accounts at this time.

Like FTX, BlockFi also warned its customers about likely phishing attempts going forward.

“In the following weeks, you should expect an uptick in phishing attempts and spam phone calls. BlockFi and Kroll will never call, email, or text you to ask for your personal information,” the bankrupt crypto lender wrote.

Account balances compromised

According to an email sent to FTX claimants by Kroll and cited by The Block, the compromised information includes personal details such as names, addresses, and email addresses of FTX customers.

Notably, the bankruptcy agent also said that customer balances on FTX were compromised along with the other personal details.

The firm asked users to be on high alert for potential scams and phishing attacks, explaining that attackers may use the compromised information to send phishing emails.

The email did not say when Kroll learned about the security breach.