Kroll Data Breach Affects FTX, BlockFi, and Genesis Creditors

Kroll Data Breach Affects FTX, BlockFi, and Genesis Creditors: A data breach at financial advisory firm Kroll has compromised the personal data of creditors associated with FTX, BlockFi, and Genesis.

The breach was the result of a SIM-swapping attack on a Kroll employee. Here are the key details.

Key Takeaways Kroll Data Breach:

• Kroll experienced a data breach that exposed the personal information of creditors linked to FTX, BlockFi, and Genesis.
• The breach occurred due to a SIM-swapping attack on a Kroll employee’s phone number.
• FTX and BlockFi clarified that limited, non-sensitive customer data was exposed, and neither company’s systems were directly breached.

Unauthorized Access via SIM-Swapping Attack

Reports on social media have highlighted a data breach at Kroll, a financial and risk advisory company.

This breach led to the unauthorized exposure of personal data belonging to creditors associated with FTX, BlockFi, and Genesis.

Limited Impact on FTX and BlockFi

FTX and BlockFi, two crypto companies involved in the incident, explained that while some limited, non-sensitive customer data of specific claimants was exposed, user passwords and client funds remained unaffected.

Importantly, the breach did not directly target their systems.

Kroll’s Response and Actions Taken

Kroll confirmed that the breach was a result of a SIM-swapping attack on one of its employees.

This attack allowed the threat actor to access files containing personal information related to bankruptcy claimants associated with BlockFi, FTX, and Genesis. Kroll acted promptly to secure the affected accounts and informed those impacted by the breach.

Phishing Attempts Follow the Breach

In the aftermath of the Kroll breach, individuals involved in pending bankruptcy cases related to the crypto firms reported receiving phishing emails. These emails impersonated FTX and claimed that recipients could withdraw digital assets from their accounts.

However, the aim of these messages was to phish cryptocurrency wallet seeds and potentially empty wallets.

Limited Scope of Impact

While Genesis has not made any official statements about the breach, it is stated that the incident was a result of a SIM-swapping attack on one of Kroll’s employee’s T-Mobile numbers.

The attackers used this attack to gain access to files stored in Kroll’s cloud-based systems, which contained information such as names, addresses, email addresses, and debtor claim details.

Importantly, the breach appears to be limited in scope, affecting only the three crypto-investment companies mentioned and their creditors.

Conclusion

The data breach at Kroll has highlighted the importance of cybersecurity in the financial sector. Prompt actions were taken to secure affected accounts and notify impacted individuals. The incident serves as a reminder of the ongoing need for robust security measures to protect sensitive financial data.

About Kroll:

Kroll is a financial and risk advisory firm known for its expertise in helping clients address complex challenges. They provide services related to risk management, restructuring, and other financial advisory solutions.