Key Highlights
- Kraken says it is being blackmailed by criminals threatening to release videos of its internal systems.
- The company said two internal support access incidents affected about 2,000 client accounts in total.
- Kraken said it will not pay the attackers and is working with law enforcement to investigate and stop those responsible.
Crypto exchange Kraken on Monday reported that it is facing an extortion attempt by a criminal group that is threatening to release videos that allegedly show access to its internal systems and limited client data.
In a post on X, Nick Percoco, the company’s chief security and information officer, said the threats are connected to earlier cases where some support staff were found to have accessed client data without permission.
“We are currently being extorted by a criminal group threatening to release videos of our internal systems with client data shown if we do not comply with their demands,” he said.
According to Percoco, the attackers are trying to force the company into a demand by threatening to release the videos if it does not comply. However, the company said its systems were not breached and customer funds were never at risk.
Kraken linked the extortion to internal issues
The company said the first incident occurred in February 2025 after it received a tip about a video circulating on a criminal forum that appeared to show access to its client support systems. The company investigated and found that a support team member was involved.
The worker’s access was revoked immediately. Additional security controls were said to be added, and a small number of affected clients were notified. A second similar incident took place more recently after the firm got another tip and videos.
Kraken said it again identified the person involved, terminated access, and informed affected users. Across both incidents, approximately 2,000 client accounts were potentially viewed, which is about 0.02% of its customer base.
Extortion demands and ongoing investigation
Kraken said that once access was removed in both cases, the extortion demands started. The attackers then threatened to release material from the incidents unless their demands were met.
However, Percoco said Kraken will not comply with the demands. He said, “Our systems were never breached; funds were never at risk; we will not pay these criminals; we will not ever negotiate with bad actors.”
He added that the company is working with industry partners and law enforcement across multiple jurisdictions to investigate and disrupt insider recruitment efforts targeting crypto, gaming, and telecommunications firms.
Due to the ongoing investigation, Kraken said it cannot share all details yet, but that its main focus is protecting clients and stopping similar insider-related threats in the future.
Political scrutiny over Fed access
Meanwhile, the exchange is also facing political scrutiny after the U.S. Representative Maxine Waters recently asked the Federal Reserve Bank of Kansas City for answers about its decision to give the exchange a “limited purpose account.”
According to a previous report, this account gives Kraken some access to the U.S. payment system, which the Federal Reserve runs. However, Waters said the term is not clearly defined and raised concerns about how the decision was made and how the risk will be managed.
Also Read: South Korea Cracks Down on Coinone With AML Sanctions and $3.5M Fine
