Kraken Extortion Scheme Unravels — Can Traders Still Safely Trust Exchanges With Their Personal Information?

A group extorting Kraken claims to have accessed some client account information following two insider incidents involving customer support staff.

Kraken’s Extortion Plot: An Insider Play

Yesterday, Kraken’s Chief Security Officer (CSO), Nick Percoco, stated in a post on X that a criminal group is extorting the crypto exchange. They are threatening to release videos of Kraken’s internal systems that expose client data unless their demands are met.

According to Bloomberg, this was not a typical external hack but an insider-access issue. A small amount of customer details, like names and physical addresses, may have been exposed after support employees took photos and videos of internal screens in two separate incidents—one in 2025 and another earlier this year.

Kraken has reportedly warned potentially affected clients to be cautious of unsolicited contact. A source familiar with the matter told Bloomberg that around 2,000 accounts, roughly 0.02% of users, were impacted. The exposure was limited to basic support data, and Kraken stresses there was no system breach—client funds and trading infrastructure remain secure.

The exchange has openly dismissed the extortion attempt, stating it will not pay or negotiate with the criminals. Percoco’s post clarifies that Kraken is working with federal law enforcement across multiple jurisdictions and has gathered enough evidence to help identify those responsible.

A History of Customer Service Vulnerabilities at CEXs

This type of insider-access problem compromising customer data through support channels is not new for major centralized exchanges (CEXs), nor is it Kraken’s first such incident.

In January, Dark Web Informer reported that read-only access to Kraken’s internal customer support system was being sold for a negotiable price on a dark web forum. The access allowed viewing user profiles and transaction history.

Also in mid-2025, Kraken and Binance were targeted by a social-engineering campaign similar to one that previously led to a customer data breach at Coinbase. Attackers allegedly approached customer service agents at the exchanges and offered bribes for access to user information.

In a separate case this past February, a crypto trader claimed a former Revolut staffer tried to blackmail him by threatening to expose his personal data unless he paid. Revolut stated the allegation was referred to law enforcement.

Market Implications

This incident highlights a key market theme: in the current post-ETF, higher-regulation cycle, “counterparty risk” for centralized exchanges is shifting from pure asset custody to data security and insider controls. While no immediate outflows or price shocks are visible, repeated data-exposure headlines could push more activity toward exchanges with stronger transparency, on-chain venues, or self-custody solutions. Bitcoin is trading around $71,000 on the daily chart.

Frequently Asked Questions
FAQs: Kraken Extortion Scheme and Exchange Security

Beginner General Questions

1. What happened with Kraken?
Kraken, a major cryptocurrency exchange, recently disclosed that a security researcher exploited a bug to temporarily withdraw funds that didn't belong to them. The researcher then demanded a payment from Kraken's security team under the guise of a bug bounty, which Kraken classified as extortion.

2. What is an extortion scheme in this context?
It's when someone discovers a security flaw, uses it to access funds or data without permission, and then demands money from the company in exchange for not disclosing the exploit publicly or causing further harm. This is different from ethical bug bounty programs, where researchers report flaws responsibly for a predefined reward.

3. Should I pull all my money off exchanges because of this?
Not necessarily. The incident highlights the importance of security practices, but a complete pullout is an extreme reaction. The flaw was patched and no client funds were lost. It's a reminder to use strong security measures yourself and consider storing large amounts in a personal wallet.

4. Can I still trust Kraken with my information?
Kraken has stated that no client data was breached in this specific incident. The vulnerability was related to account funding, not a data leak. However, trust is ongoing: you should monitor their transparency about the fix and any future incidents.

5. What personal information do exchanges even have?
Typically, for verified accounts, exchanges hold data like your name, address, date of birth, government ID copies, financial information for deposits/withdrawals, transaction history, and IP addresses.

Advanced Practical Questions

6. How is this different from a regular hack or data breach?
In a typical hack, attackers infiltrate systems silently to steal data or funds. Here, the individual identified a specific bug, demonstrated its impact, and immediately demanded payment, creating a public confrontation about the vulnerability's disclosure and reward.

7. What should I look for in an exchange's security policy now?
Look for clear details on their bug bounty program, their use of cold storage for most client funds, insurance policies, and their history of transparent incident reporting.

8. What are the biggest risks to my data on an exchange?
The primary risks are
