A breach of FTX’s bankruptcy agent’s platform has released sensitive user data
Contrary to earlier reports, FTX bankruptcy claims agent Kroll appears to have had a data breach, resulting in sensitive data being leaked. It’s just the latest in a long line of embarrassments for the failed cryptocurrency exchange.
Kroll Q&A allegedly published a summary on August 30 saying the email addresses, mailing addresses, account balances, account numbers, phone numbers, unique bankruptcy identifiers, and other claim details from FTX users were all breached in an incident disclosed by FTX on August 24. FTX previously said that Kroll “experienced a cybersecurity incident that compromised non-sensitive customer data of certain claimants in the pending bankruptcy case.”
FTX initially said that Kroll didn’t possess account passwords and that its own systems and digital assets were unaffected. The bankrupt crypto exchange then announced one day later that it would temporarily freeze the impacted accounts within the claims portal.
The report indicates that Kroll has since “contained and remediated” the breach. However, it warned users to stay on “high alert” for “fraud and scam” attempts using the stolen data that might look legitimate. Not long after the breach, users started to report receiving phishing emails made to appear they were from Kroll.
One million users were with FTX when it filed for bankruptcy last November. One day later, on November 12, 2022, its platform was hacked for nearly $400 million in what most think was an inside job, initiating the U.S. Department of Justice to investigate. The bankruptcy proceedings have been criticized for the time and money spent so far, with February alone costing over $32.5 million in legal fees.
