Kraken exchange has posted a security update, saying that insiders recorded client data and are now demanding a ransom for it.
According to the firm’s Chief Security Officer (CSO), the case comprises two incidents that occurred between February 2025 and early this year. In the first incident, the criminal group threatened to release videos of internal systems containing client data unless Kraken paid a ransom.
Without hesitation, Kraken launched an investigation and, with the help of a valuable tip, identified the malicious actor as a member of their support team. Additionally, Kraken revoked the ransomcharger’s system access and implemented tighter controls to ensure the safety of client data.
Kraken fights insider extortion
More recently, the exchange suffered an eerily similar incident, which they dealt with in the same way as the first.
However, access termination did little to deter the malicious actors. Soon after, they threatened to release the videos on social media.
Kraken now asserts that it will not bow down to the criminals’ commands. The firm also says it is actively working with law enforcement agencies to bring insider recruitment to a halt, not just in the crypto industry but also in gaming and telecommunications companies.
Notably, Kraken reports that only a handful of its clients were affected in both incidents – that is, 2000 persons or 0.02% of their whole clientele base. The company also reached out to these individuals to alert them to the intrusion and to additional privacy-promoting measures to take. Kraken now maintains that its systems remain unbreached and no customer funds are at risk.
Crypto fortress under attack
Other than the recent compromise, Kraken has suffered only one other notable security incident in June 2024. At the time, CertiK researchers identified a vulnerability in its accounts that allowed users to artificially inflate their account balances.
And while Kraken has built a reputation as a crypto fortress, it now appears to have fallen victim to a classic case of “the call is coming from inside the house.”
Trust with CoinPedia:
CoinPedia has been delivering accurate and timely cryptocurrency and blockchain updates since 2017. All content is created by our expert panel of analysts and journalists, following strict Editorial Guidelines based on E-E-A-T (Experience, Expertise, Authoritativeness, Trustworthiness). Every article is fact-checked against reputable sources to ensure accuracy, transparency, and reliability. Our review policy guarantees unbiased evaluations when recommending exchanges, platforms, or tools. We strive to provide timely updates about everything crypto & blockchain, right from startups to industry majors.
Investment Disclaimer:
All opinions and insights shared represent the author’s own views on current market conditions. Please do your own research before making investment decisions. Neither the writer nor the publication assumes responsibility for your financial choices.
Sponsored and Advertisements:
Sponsored content and affiliate links may appear on our site. Advertisements are marked clearly, and our editorial content remains entirely independent from our ad partners.
