Kraken Security Alert: Insider Blackmail Attempt Targets Customer Privacy

The post Kraken Security Alert: Insider Blackmail Attempt Targets Customer Privacy appeared first on Coinpedia Fintech News

Kraken exchange has posted a security update, saying that insiders recorded client data and are now demanding a ransom for it.

According to the firm’s Chief Security Officer (CSO), the case comprises two incidents that occurred between February 2025 and early this year. In the first incident, the criminal group threatened to release videos of internal systems containing client data unless Kraken paid a ransom.

Without hesitation, Kraken launched an investigation and, with the help of a valuable tip, identified the malicious actor as a member of their support team. Additionally, Kraken revoked the ransomcharger’s system access and implemented tighter controls to ensure the safety of client data.

Kraken fights insider extortion

More recently, the exchange suffered an eerily similar incident, which they dealt with in the same way as the first.

However, access termination did little to deter the malicious actors. Soon after, they threatened to release the videos on social media.

Kraken now asserts that it will not bow down to the criminals’ commands. The firm also says it is actively working with law enforcement agencies to bring insider recruitment to a halt, not just in the crypto industry but also in gaming and telecommunications companies.

Notably, Kraken reports that only a handful of its clients were affected in both incidents – that is, 2000 persons or 0.02% of their whole clientele base. The company also reached out to these individuals to alert them to the intrusion and to additional privacy-promoting measures to take. Kraken now maintains that its systems remain unbreached and no customer funds are at risk.

Crypto fortress under attack

Other than the recent compromise, Kraken has suffered only one other notable security incident in June 2024. At the time, CertiK researchers identified a vulnerability in its accounts that allowed users to artificially inflate their account balances.

And while Kraken has built a reputation as a crypto fortress, it now appears to have fallen victim to a classic case of “the call is coming from inside the house.”