What to know:
- Kraken investigates insider data leak tied to ongoing extortion threat.
- Insider access incidents expose new risks across crypto security systems.
- Extortion attempt follows limited client data exposure at Kraken exchange.
Security concerns intensified at Kraken after the firm confirmed an insider-related data exposure linked to an ongoing extortion attempt. The situation has drawn attention to internal vulnerabilities as cybercriminals increasingly target employees rather than systems.
According to Nick Percoco, the company uncovered two separate incidents involving inappropriate access to client support data. He explained that both cases stemmed from individuals within the organization, not from external breaches. Moreover, he stressed that client funds remained secure and the platform’s core infrastructure was never compromised.
The first incident occurred in February 2025, when Kraken received a tip about a video circulating on a criminal forum. The footage appeared to show access to internal support tools. Consequently, the company launched an investigation and quickly identified a support staff member involved. The employee’s access was revoked immediately, and the firm introduced tighter controls while notifying affected users.
However, a similar case surfaced more recently, again flagged through external intelligence. Kraken acted swiftly to identify the individual responsible and terminate their access. Additionally, the company repeated its response process by securing systems and informing impacted clients. Across both incidents, approximately 2,000 accounts were potentially viewed, representing a small fraction of the total user base.
Also Read: Who Is Moving XRP: Mysterious 179,658,285 XRP Just Hit the Chain – What’s Going On?
Insider recruitment tactics raise pressure on internal security controls
Significantly, Kraken linked both incidents to broader insider recruitment campaigns targeting multiple industries. The company noted that attackers are increasingly targeting employees in the crypto, gaming, and telecommunications sectors. This trend reflects a shift toward social engineering strategies that bypass traditional system defenses.
Besides, the extortion attempt emerged shortly after Kraken disabled the unauthorized access. The attackers threatened to release videos allegedly showing internal systems and client data unless the company complied with their demands. Nevertheless, Kraken refused to engage or make any payment, maintaining a firm stance against criminal coercion.
Moreover, the company confirmed ongoing cooperation with law enforcement agencies across several jurisdictions. Investigators are working to identify and apprehend those responsible using intelligence gathered from both incidents. This coordinated effort highlights the seriousness of insider-related threats within the digital asset sector.
Additionally, Kraken stated that all affected clients had already received direct notification. The company also emphasized continued investment in internal monitoring and stricter access controls to reduce future risks. Kraken’s investigation underscores the growing risk of insider-driven data exposure and extortion attempts.
Also Read: Coinone Hit With $3.5M Fine as South Korea Tightens Crypto Oversight
