FTX debtors’ personal data compromised in bankruptcy hack; FBI partakes in investigation

Share:

• FTX, Genesis and BlockFi customers’ are said to be vulnerable to phishing scams that could seek unauthorized access to their wallets.
• Legal service provider Kroll revealed that it suspects the attack took place on August 19, which could have compromised personal data.
• FTX, in response to the incident, froze the affected users’ accounts within the customer claims portal.

FTX debtors seem to be destined to face some or the other kind of trouble. While the bankruptcy proceedings continued, on the one hand, the debtors faced what could have been a catastrophic attack.

FTX, Genesis, BlockFi customers’ data hacked

FTX, Genesis, and BlockFi these companies use the same business and legal service provider, Kroll, which became a victim of cybercrime earlier last week. The company, in a statement, revealed that on August 19, it faced the attack, iterating,

“We were recently informed that on Saturday, August 19, 2023, a cyber threat actor targeted a T-Mobile US., Inc. account belonging to a Kroll employee in a highly sophisticated “SIM swapping” attack.

As a result of the attack, the perpetrator gained access to files containing the personal information of bankruptcy claimants in the case of BlockFi, FTX and Genesis. The accounts were secured as soon as Kroll found out and launched a full investigation to look into the matter. The firm stated that it was coordinating with the Federal Bureau of Investigation (FBI) as well regarding the attack.

No other systems were impacted by the attack, but Kroll still made sure to warn the customers of any potential phishing scams. These scams could lead to the hacker gaining unauthorized access to the users’ wallet(s). The files hacked contained names, addresses, emails and other information on claims; however, no sensitive information, such as passwords, was stolen.

In response to the incident, FTX stated,

“The incident occurred at Kroll, and Kroll is notifying affected individuals directly with measures that customers can take to protect themselves. FTX account passwords were not maintained by Kroll, and FTX’s own systems were not affected.

Later on, FTX also informed the debtors that it had precautionary measures and temporarily froze the affected users’ accounts within the customer claims portal. Both Kroll and FTX are yet to respond to Vimilin’s request for further details.