Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

FTX, Genesis, BlockFi customer details at risk following data breach

Security attack

As if FTX creditors don’t have enough on their plate, now they have to combat inevitable phishing attacks that will come following the recent data breach at Kroll. 

Kroll, a financial firm that handles bankruptcy claims for insolvent crypto businesses FTX, BlockFi, and Genesis, confirmed that a threat actor managed to compromise an account belonging to one of its employees and use it to steal certain data on a limited number of users.

FTX and BlockFi posted a message on Twitter, saying the attack resulted in the theft of “limited, non-sensitive customer data of specific claimants.”

Phishing season

Apparently, the attacker managed to SIM-swap one of Kroll’s employees’ T-Mobile accounts and use it to move past the multifactor authentication (MFA) security protocol and enter the company’s systems. Once inside, they stole things like full names, postal addresses, email addresses, and debtor claim details, of an unknown number of creditors. 

Multiple crypto businesses went bust in 2022, losing billions of dollars worth of cryptocurrencies of people who used their services. Some of these companies are now in the middle of their bankruptcy proceedings.

Kroll said it would notify affected individuals directly. The breach has since been contained, it was added. 

While the attackers may have been pushed out, the damage has been done. Some people have already taken to social media to warn about phishing emails they received. In most cases, the attackers are impersonating FTX and telling the victims that crypto asset withdrawal has been re-enabled. The goal of the campaign, however, is to trick the victims into giving away whatever cryptocurrencies they had left elsewhere. 

Finally, a spokesperson for Kroll told the publication that there is no evidence the attacker managed to move laterally to other user accounts or systems. The attack was limited to these three companies.

Via: BleepingComputer

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.