- The recent cyber attack on Kroll has proven worse than initially feared, as the breach exposed FTX users’ sensitive data
- The hack has led to significant security risks for FTX users, with leaked information potentially enabling hackers to target major FTX holders for financial gain
- The incident is a reminder of the risks now facing high-value customers, and has similarities to the 2020 Ledger hacks
The cyber attack that hit Kroll, the customer claims agent for FTX and BlockFi, last week is worse than first feared, an update has shown. The hack resulted in FTX creditor names, addresses, email addresses, and balances being exposed, leading to huge personal security risks. Kroll has quietly updated its Q&A on the hack to reveal that users’ FTX account numbers, Unique IDs and phone numbers have also been leaked. The situation is reminiscent of the Ledger hacks of 2020, which led to customers being plagued with phishing emails and phone calls that continue to this day.
Security Implications for FTX Users
Following the breach last week, FTX made an X post reassuring users that the situation was not as bad as it could have been, with critical personal information secure:
(1/3) FTX learned that Kroll, the claims agent in the bankruptcy, experienced a cybersecurity incident that compromised non-sensitive customer data of certain claimants in the pending bankruptcy case.
— FTX (@FTX_Official) August 25, 2023
However, the claim that only ‘non-sensitive customer data’ was compromised doesn’t seem to square with Kroll’s online Q&A, which was updated yesterday to reveal the true scale of the theft:
Kroll Data Leak Urgent
Kroll email (25 Aug) saying that name, address, email address, and the balance in FTX account was leaked
On Kroll’s Q&A they state the information leaked is the above +
FTX account no., Unique ID and Phone numbers
Creditors Please be Safe pic.twitter.com/HaYhttZLAs
— Sunil (FTX Creditor Champion) (@sunil_trades) August 30, 2023
The data that the hackers have obtained will allow them to build up a full picture of the biggest FTX holders, allowing them to zero in on the ones that will get them the biggest payday.
Stockholm Robbery a Reminder of the Dangers
Claimants have already reported losing their crypto holdings to phishing emails claiming that payouts have already started, but this is nothing compared to what an in-person theft could look like. We got a sense of this following the 2020 hacks on wallet maker Ledger’s customer database, which saw a raft of phishing emails and phone calls that continue to this day, as well as a physical robbery in Stockholm concerning a Ledger customer whose address was revealed in the leak.
These are therefore worrying times for FTX whales, who will have to be extra careful when engaging with strangers online and may have to take extra steps with their personal security.