Kraken Extorted by Hackers After Insider Breach Incident

What Happened

Kraken, a leading cryptocurrency exchange, is currently facing extortion threats from a cybercrime group. This group is threatening to release videos that reveal internal systems containing client data. The exchange’s Chief Security Officer, Nick Percoco, confirmed that the incident involved an insider threat, where two support employees improperly accessed limited customer data.

Who's Affected

What Data Was Exposed

The compromised data includes information accessible by support staff, but it does not encompass sensitive financial details. Kraken has taken immediate action to revoke the involved employees' access and has notified affected users directly.

What You Should Do

If you are a Kraken user, monitor your account for any suspicious activity. It’s also advisable to change your passwords and enable two-factor authentication for added security. Kraken is working closely with federal law enforcement to pursue legal action against the extortionists.

Background on Insider Threats

Insider threats are a growing concern in various industries, particularly in the cryptocurrency sector. A similar incident occurred at Coinbase in mid-2025, where hackers bribed employees to disclose client information, affecting 70,000 customers and leading to significant financial losses. This highlights the importance of stringent security measures and employee training to mitigate insider threats.

Kraken's proactive stance against the extortionists, including their refusal to negotiate, sets a precedent for how organizations can handle such threats. By maintaining transparency and taking swift action, they aim to protect their users and uphold their reputation in the industry.