- Kroll, the customer claims agent for FTX and Blockfi, has suffered a cyber attack resulting in phishing emails being sent to exchange claimants from both platforms.
- FTX and Blockfi have confirmed that unauthorized access to some data has occurred, though passwords remain secure
- Despite the reassurances, the incident has left claimants on the lookout for phishing emails and concerned about the security breach’s implications
The customer claims agent for FTX and Blockfi, Kroll, has been hit with a cyber attack which has resulted in phishing emails being sent to claimants of both exchanges. FTX and Blockfi informed registrants of the hack yesterday, confirming that “an unauthorized third party” gained access to some data, although this didn’t include passwords to their accounts. Users have been told to be aware of phishing emails but have otherwise been informed that there is no further action needed, but the news will hardly fill already negatively impacted users with joy.
Passwords Are Safe
Blockfi informed its claimants by email yesterday that Kroll had fallen prey to the attack, saying that the hackers “gained access to a portion of its client data, including certain BlockFi client data housed on its platform,” although it confirmed that the damage wasn’t too bad:
To be clear, BlockFi’s internal systems and client funds were not impacted. Your BlockFi password was never stored on Kroll’s platform. The incident occurred at Kroll and we are notifying you directly so that you can take actions to further protect yourself. No action is needed on your BlockFi account at this time.
FTX made an X post regarding the issue, again reassuring users that the situation was not as bad as it could have been:
(1/3) FTX learned that Kroll, the claims agent in the bankruptcy, experienced a cybersecurity incident that compromised non-sensitive customer data of certain claimants in the pending bankruptcy case.
— FTX (@FTX_Official) August 25, 2023
FTX users began posting about suspicious emails that had already started coming through before they were informed:
been getting fake ftx phishing emails all day long, just found out ftx got cyber attacked and leaked customer personal data.
these guys are such fucking clowns
— Bluntz (@Bluntz_Capital) August 25, 2023
The emails suggested that withdrawals were now available for creditors in USDC and provided a link where visitors were asked to input their crypto wallet details and…well, the rest is self-explanatory.
Thankfully it doesn’t seem like anyone has yet fallen for the ruse, but it is a reminder that bad actors can, and will, take advantage of such situations for their own ends.