Kroll logo on a red background in relation to FTX Customer Data Breach.

As you may know, risk and financial advisory company Kroll recently released more information about the August data breach that exposed the personal information of FTX bankruptcy claimants. Among the exposed data were coin holdings and balances, which could enable threat actors to target individuals with significant investments in the cryptocurrency markets.

“This letter provides important information that can help protect you and your digital assets against misuse of your personal data, including your name, email address, phone number, address, claim number, claim amount, FTX account ID, and/or coin holdings and balances, as well as, for a limited number of individuals, date of birth,” the company said in letters sent out earlier this month.

Fortunately, the incident did not affect any FTX systems or FTX digital assets. Additionally, Kroll does not maintain passwords to FTX accounts. However, Kroll advises those affected by the incident to remain vigilant and take precautions to protect their accounts. They also warn of potential phishing emails, text messages, and social media messages attempting to deceive and gain unauthorized access to FTX customers’ cryptocurrency accounts and digital assets.

How to Stay Safe

For those potentially at risk, the risk consulting company recommends:

  • Never sharing your passwords, seed phrases, private keys, or other secret information with untrusted individuals, applications, websites, or devices.
  • Never assuming an email or other communication is legitimate because it contains information about your claim or FTX account.
  • Always verifying information received from any other website about the FTX bankruptcy case or your claim by visiting the website of the Claims Agent, Kroll Restructuring Administration LLC: https://restructuring.ra.kroll.com/FTX/ or contacting Kroll Restructuring Administration at FTXquestions@kroll.com.

To protect assets against targeted phishing attacks, we recommend storing your cryptocurrency in cold wallets, which make it more difficult for threat actors to steal.

BlockFi and Genesis Creditors Also Affected

Kroll confirmed that one of its employees fell victim to a SIM-swapping attack in August, allowing hackers to access “certain files containing personal information of bankruptcy claimants.” Following the breach, phishing emails began targeting affected individuals, impersonating FTX and claiming that recipients were eligible to withdraw digital assets from their accounts. The phishing messages matched the recipients’ last known balance on the cryptocurrency platforms.

The attackers’ goal was to trick targets into giving away the seeds protecting their cryptocurrency wallets, allowing the hackers to empty them. Although Kroll handles restructuring cases for hundreds of organizations, a spokesperson stated that the impact was limited to FTX, BlockFi, and Genesis Global Holdco crypto-investment companies and their creditors.

As of now, Kroll has not disclosed the sensitive information belonging to BlockFi and Genesis creditors that was also exposed during the breach.

Don’t Wait to Protect Your Assets

As a business owner, being aware of potential threats and taking the necessary precautions is crucial for protecting your assets and your customers’ information. Don’t wait for a breach to occur before taking action. Contact us at ZZ Servers today to learn how we can help you safeguard your digital assets and ensure the security of your business.