Kroll Unveils FTX Client Data Compromised in Shocking August Security Breach

Remember the data breach back in August involving FTX bankruptcy claimants? Well, risk and financial advisory company Kroll has released more information on it, and it’s not good news for those affected. The breach exposed personal information such as names, email addresses, phone numbers, and even coin holdings and balances, making it easy for cybercriminals to identify attractive targets in the cryptocurrency market.

In a letter sent out earlier this month, Kroll reassured affected individuals that the incident did not affect any FTX systems or FTX digital assets and that Kroll does not maintain passwords to FTX accounts. However, they still advised everyone to remain vigilant and take precautions to protect their accounts.

How to protect yourself

Kroll shared some valuable tips on how to stay safe from potential phishing attacks and unauthorized access to your cryptocurrency accounts and digital assets:

• Never share your passwords, seed phrases, private keys, or other sensitive information with untrusted individuals, applications, websites, or devices.
• Don’t assume an email or other communication is legitimate just because it contains information about your claim or FTX account.
• Always verify information by visiting Kroll’s Restructuring Administration website or contacting them directly at FTXquestions@kroll.com.

Additionally, to protect your assets against targeted phishing attacks, consider storing your crypto in cold wallets, which make it more difficult for cybercriminals to steal your assets.

Other creditors affected too

It’s not just FTX claimants who got hit by this breach. Kroll confirmed that creditors of BlockFi and Genesis were also affected. The breach occurred when one of Kroll’s employees fell victim to a SIM-swapping attack, allowing hackers to access files containing personal information of bankruptcy claimants.

Following the breach, phishing emails began targeting affected individuals, impersonating FTX and claiming that recipients could withdraw digital assets from their accounts. The ultimate goal of these attackers was to trick targets into giving away the seeds that protect their cryptocurrency wallets, allowing the hackers to empty them.

While Kroll handles restructuring cases for hundreds of organizations, a spokesperson clarified that the impact was limited to FTX, BlockFi, and Genesis Global Holdco creditors. However, we haven’t yet learned about the sensitive information belonging to BlockFi and Genesis creditors that was exposed during the breach.

Stay informed and stay secure

As your trusted IT Services provider, we’ll keep you updated on this and any other cybersecurity incidents that could impact you. In the meantime, be sure to follow our advice and stay vigilant when it comes to protecting your digital assets. And remember, if you have any questions or concerns, don’t hesitate to contact us!