Kroll's Cybersecurity Breach Leads to FTX and BlockFi Data Leak on BlockFi Bankruptcy
Date: 2023-08-25 Author: Karina Ziganova Categories: BUSINESS, IN WORLD
Bankruptcy claims agent Kroll suffered a cybersecurity incident that compromised the personal information of some FTX customers.
FTX officially confirmed the cybersecurity incident on social media platform X in an August 25 post. According to the firm, the breach only affected non-sensitive customer data belonging to certain applicants involved in the company's bankruptcy case.
The bankrupt exchange did not provide additional information about the affected plaintiffs. However, he assured the community that Kroll is directly notifying affected claimants of steps they can take to protect themselves.
FTX stated:
"Kroll assured [claimants] FTX that it had promptly contained and resolved the incident, and FTX [claimants] are monitoring the situation closely."
Meanwhile, FTX has advised its users to be on the lookout for any fraudulent or fraudulent emails that may impersonate bankruptcy participants.
What's happened?
While public reports from the bankrupt firm claimed that the data compromise was due to a security incident, an email sent to FTX complainants explained that hackers had gained control of a Kroll employee's phone number and used it to access files stored on company cloud.
The email did not state when Kroll discovered the incident, but said it quickly secured the affected account and launched an investigation. The email also revealed that the compromise resulted in the disclosure of the name, address, email address, and FTX account balance of bankrupt clients.
BlockFi also affected
Another bankrupt crypto firm, BlockFi, said it was affected by the breach.
According to the failed crypto lender, Kroll confirmed that there was unauthorized access to the data of some of its customers on the claims management platform. However, the incident did not affect its internal systems or customer funds.
“We can also confirm that BlockFi account passwords have never been stored on the Kroll platform. The incident happened at Kroll and we are notifying you directly so you can take steps to further protect yourself."
The bankrupt lender also provided steps for users to protect themselves from third-party attackers.
