FTX, BlockFi Users Targeted in Phishing Scheme After Kroll’s Security Breach

FTX users are being targeted as a result of the security breach of its bankruptcy case claims agent, Kroll. The defunct crypto exchange stated that Kroll is currently in the process of notifying the individuals who have been affected by the incident, providing them with guidance on safeguarding themselves.

Despite warning users to remain on “high alert for attempted fraud and scam emails impersonating parties in the bankruptcy,” FTX highlighted that account passwords and systems remain uncompromised.

FTX Users Targeted in Phishing Scheme

According to the official update by FTX, a number of users reported phishing emails after Kroll suffered a cybersecurity breach that resulted in the exposure of non-sensitive customer data from specific claimants associated with the ongoing bankruptcy case.

“The incident occurred at Kroll, and Kroll is notifying affected individuals directly with measures that customers can take to protect themselves. FTX account passwords were not maintained by Kroll, and FTX’s own systems were not affected.” – reads the statement.

This was also corroborated by the popular on-chain investigator, ZachXBT, who claimed that his friend received a similar phishing email to the one linked with their FTX account. The fraudulent email in question starts off by asserting the user’s eligibility to make a withdrawal of digital assets from their FTX account. It then directs users to click a link to proceed with the withdrawal.

BlockFi Compromised As Well

FTX isn’t the only bankrupt crypto firm to have its claimant data compromised in the incident. BlockFi also became aware of the situation on Wednesday, with Kroll confirming that an unauthorized party gained access to specific client data from the defunct lender stored on Kroll’s platform.

In a statement to its users, BlockFi assured its internal systems and client funds were not impacted. The lender said that similar incidents have impacted other crypto platforms in bankruptcy recently and cautioned users against the increase in phishing attempts and spam phone calls.

It further highlighted that neither BlockFi nor Kroll will ever contact users via call, email, or text to solicit personal information. The embattled crypto hedge fund, which filed voluntary cases under Chapter 11 of the US Bankruptcy Code, also advised users to directly visit the website and refrain from clicking on any email links for logging in.

The security incident surfaces as BlockFi fights to prevent attempts by FTX and Three Arrows Capital (3AC) to reclaim billions of dollars exchanged between the companies before their collapse in the previous year.