Sensitive FTX User Data Leaked During Kroll’s Security Incident

The data breach that Kroll, the claims agent in FTX’s bankruptcy, suffered is allegedly more serious than initially reported, involving sensitive customer data.

According to a FAQ sheet that appeared on X (formerly Twitter), information like names, mailing and email addresses, phone numbers, FTX account numbers and the balance in those accounts was potentially leaked.

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

Bullish vs Bearish Markets: How to Predict it? (Animated)

SUBSCRIBE

ON YOUTUBE

Initially, on August 25th,  FTX stated that the incident only impacted non-sensitive customer data of certain claimants, while Kroll reported that immediate actions were taken to secure the affected accounts.

Kroll also notified the affected users directly, with both companies maintaining that no crucial information had been stolen. However, the published FAQ highlighted some of the potentially sensitive data that could severely impact the users.

The leak was caused by a SIM swapping attack when the hacker used T-Mobile to transfer a Kroll employee’s phone number into his own phone.

As a result, it appears the threat actor gained access to certain files containing personal information of bankruptcy claimants in the matters of BlockFi, FTX and Genesis.

In the initial messaging, FTX assured the users that their passwords were safe because they were kept on FTX’s systems. However, the aforementioned information apparently was available to Kroll due to the companies’ relationship in the bankruptcy case.

Kroll and FTX then urged the users to be cautious of possible scams related to the incident. Soon after, there were reports that users received suspicious emails claiming to be from FTX and promising to give back their funds if the users followed specific instructions.

Phishing attacks against crypto enthusiasts are increasing in frequency and notoriety. In June, 8 X accounts of notable crypto figures were hacked, which ultimately saw $1 million in cryptocurrencies stolen.

Aaron S., Editor-In-Chief

Having completed a Master’s degree in Economics, Politics, and Cultures of the East Asia region, Aaron has written scientific papers analyzing the differences between Western and Collective forms of capitalism in the post-World War II era.
With close to a decade of experience in the FinTech industry, Aaron understands all of the biggest issues and struggles that crypto enthusiasts face. He’s a passionate analyst who is concerned with data-driven and fact-based content, as well as that which speaks to both Web3 natives and industry newcomers.
Aaron is the go-to person for everything and anything related to digital currencies. With a huge passion for blockchain & Web3 education, Aaron strives to transform the space as we know it, and make it more approachable to complete beginners.
Aaron has been quoted by multiple established outlets, and is a published author himself. Even during his free time, he enjoys researching the market trends, and looking for the next supernova.

Full Bio

All Expert Contributors & Analysts