Crypto exchange Kraken targeted in extortion attempt but says there was no breach and no client funds at risk
The firm said a criminal group is attempting to extort it over limited insider-related data access incidents affecting about 2,000 accounts. Kraken says it will not pay and is working with law enforcement.
What to know:
- Kraken said a criminal group is attempting to extort the company by threatening to release videos of internal systems, but no breach occurred, and funds were never at risk.
- Two insider-related incidents involving unauthorized access to limited support data affected roughly 2,000 accounts.
- The exchange has notified impacted users, tightened controls and is working with law enforcement on potential arrests.
“Our systems were never breached; funds were never at risk; we will not pay these criminals; we will not ever negotiate with bad actors,” said Nick Percoco, chief security and information officer of Payward and Kraken, in a post on X.
The first incident came in February 2025, when Kraken received a tip about a video circulating on a criminal forum. An internal investigation identified the individual involved, revoked their access and led to additional security controls. A limited number of affected clients were notified.
More recently, Kraken received another tip and a similar video. The company said it again identified the individual responsible, terminated their access and notified affected users.
Security incidents remain a persistent issue in crypto because the industry combines high-value, easily transferable assets with technical and human vulnerabilities. Digital assets can be moved instantly across borders and are often irreversible once lost, making them attractive targets for malicious actors. At the same time, weaknesses in smart contracts, private key management and exchange infrastructure can create exploitable entry points, while phishing and social engineering schemes continue to target users directly.
