The cryptocurrency exchange Kraken revealed two incidents of unauthorized access to customer support data and said it had been targeted by a criminal group attempting extortion. Nick Percoco, the company’s Chief Security Officer, shared this on X.
What Happened
In February 2025, Kraken received a tip from a trusted source: a video surfaced on a criminal forum showing access to internal customer support systems.
Kraken quickly identified the source — a customer support employee. Access was immediately revoked, an internal investigation was launched, additional security measures were introduced, and affected customers were notified.
Some time later, the situation repeated itself: another alert came in along with a new video of a similar nature. The second incident was handled the same way as the first.
Extortion
Shortly after the second incident was contained, the attackers demanded a ransom, threatening to release data from both incidents through media and social platforms. The company does not negotiate with extortionists and has no intention of paying.
According to Kraken, data from approximately 2,000 accounts may have been compromised — about 0.02% of its total user base.
Nick Percoco said enough evidence has already been gathered to identify and arrest those behind it. The exchange is cooperating with law enforcement across multiple jurisdictions. Together with industry partners and authorities, Kraken is also tracking attempts to recruit insiders — a tactic used not only against the crypto sector, but also against gaming and telecom companies.
Read also: