Kraken Reveals Extortion Demands After Client Data Incident: ‘We Will Not Pay’, Security Chief Says

bitcoinistPublicado em 2026-04-14Última atualização em 2026-04-14

Resumo

Kraken, a major US crypto exchange, has publicly refused extortion demands from a criminal group following two incidents of unauthorized access to limited client support data. Chief Security Officer Nick Percoco stated the exchange identified and terminated access for individuals involved, emphasizing that no systems were breached and user funds remained safe. Approximately 2,000 client accounts (0.02% of users) were affected. Kraken is cooperating with law enforcement and industry partners to investigate what it describes as insider recruitment efforts targeting multiple sectors. The incident has sparked community concerns over insider threats and data security, drawing comparisons to a similar past event at Coinbase.

Kraken, the US’s second-largest crypto exchange, has rejected extortion threats from a criminal group after two incidents of unauthorized access to limited client support data in the past year, reigniting investors’ concerns about insider threats.

Kraken Fights Back Extortion Demands

On Monday, Kraken’s Chief Security Officer (CSO), Nick Percoco, revealed that a criminal group is extorting the crypto exchange, threatening to release videos of their systems exposing client data.

In a security update, the CSO affirmed that Kraken had identified and shut down two instances of inappropriate access to limited client support data since 2025. Per the post, the crypto exchange received a tip about a video shared on a criminal forum. The video reportedly showed access to Kraken’s client support system.

The exchange “immediately launched an investigation and quickly identified the individual involved as a member of our support team,” Percoco explained, “Their access was revoked immediately, a full investigation was conducted, additional security controls were put in place and a limited number of affected clients were notified.”

More recently, they received another tip with a new video showing similar activity, prompting a new investigation to identify the parties involved, terminate their access, and notify the affected clients.

“Shortly after access was terminated, we began receiving extortion demands,” the security chief stated. “The criminals threatened to distribute materials from both the February 2025 incident and the recent incident to media outlets and on social media if we did not comply.”

Percoco emphasized that the exchange’s systems were never breached and funds were never at risk. In addition, he noted that “only a very small number” of client accounts, approximately 2,000 or 0.02% of clients, were potentially viewed across both incidents.

Kraken has now publicly rejected the criminal demands, declaring that they “will not pay these criminals” and “will not ever negotiate with bad actors.”

In the announcement, the exchange highlighted that it has been collaborating with industry partners and law enforcement to “investigate and disrupt insider recruitment efforts targeting not only crypto companies, but also gaming and telecommunications organizations.”

Based on intelligence gathered from the two incidents and extensive analysis, Kraken believes there is sufficient evidence to identify and arrest all individuals involved, but did not share additional details as the investigation continues. However, they urged anyone with relevant information to contact the exchange directly.

This incident comes just a month after Kraken scored a major victory for the crypto industry, becoming the first crypto company with direct access to the Federal Reserve’s core payment system after winning the Kansas City Fed’s approval for a Fed master account.

Crypto Community Raises Insider Access Concerns

Crypto investors and Kraken users online reacted to the news, questioning the exchange about the details of the two incidents and criticizing the exchange for offshoring customer support staff.

“So, basically, you outsourced it to shady third-party companies (or even worse, your internal recruiters are sleeping), and you got hacked twice or more. You made your customers vulnerable to wrench attacks,” an X user wrote under Percoco’s post.

However, details of whether the inappropriate data access was from an in-house support team or an overseas third-party support staff have not been revealed yet.

Another crypto community member pushed back on Kraken’s “very small number” of clients clarification, asserting that “this is not the metric you think it is... of those 2000 accounts, they are probably the ones with balances worth wrench attacking.”

Others drew a parallel between this incident and Coinbase’s data breach controversy from last year. For context, Coinbase CEO Brian Armstrong revealed in May 2025 that malicious actors had bribed a handful of support contractors overseas to access the company’s internal tools.

This led to the leak of names, email addresses, limited transaction records, and partial Social Security numbers of around 1% of the exchange’s users. Then, the attackers attempted to blackmail Coinbase using the breached information, demanding a $20 million Bitcoin (BTC) ransom for the sensitive data.

Reuters later alleged that Coinbase had been aware of the customer data leak months before it disclosed it, also raising concerns about transparency and insider threats.

The total crypto market capitalization is at $2.43 trillion in the one-week chart. Source: TOTAL on TradingView

Perguntas relacionadas

QWhat did Kraken's Chief Security Officer reveal about the extortion demands?

AKraken's CSO Nick Percoco revealed that a criminal group is extorting the crypto exchange by threatening to release videos of their systems exposing client data, and that Kraken will not pay or negotiate with these criminals.

QHow many client accounts were potentially affected by the unauthorized access incidents at Kraken?

AApproximately 2,000 client accounts, or 0.02% of Kraken's clients, were potentially viewed across both incidents.

QWhat was the nature of the security incidents at Kraken, according to the company?

AThe incidents involved two instances of unauthorized access to limited client support data by individuals who were members of the support team, but the company's core systems were never breached and client funds were never at risk.

QHow did the crypto community react to Kraken's announcement of the security incidents?

AThe community questioned the details of the incidents, criticized the exchange for potentially offshoring customer support staff, and expressed concern that the affected accounts might be high-value targets for 'wrench attacks'.

QWhat parallel was drawn between this Kraken incident and another crypto exchange?

AThe incident was compared to Coinbase's data breach from May 2025, where malicious actors bribed overseas support contractors to access internal tools, leading to a data leak and a subsequent extortion attempt.

Leituras Relacionadas

Google and Amazon Simultaneously Invest Heavily in a Competitor: The Most Absurd Business Logic of the AI Era Is Becoming Reality

In a span of four days, Amazon announced an additional $25 billion investment, and Google pledged up to $40 billion—both direct competitors pouring over $65 billion into the same AI startup, Anthropic. Rather than a typical venture capital move, this signals the latest escalation in the cloud wars. The core of the deal is not equity but compute pre-orders: Anthropic must spend the majority of these funds on AWS and Google Cloud services and chips, effectively locking in massive future compute consumption. This reflects a shift in cloud market dynamics—enterprises now choose cloud providers based on which hosts the best AI models, not just price or stability. With OpenAI deeply tied to Microsoft, Anthropic’s Claude has become the only viable strategic asset for Google and Amazon to remain competitive. Anthropic’s annualized revenue has surged to $30 billion, and it is expanding into verticals like biotech, positioning itself as a cross-industry AI infrastructure layer. However, this funding comes with constraints: Anthropic’s independence is challenged as it balances two rival investors, its safety-first narrative faces pressure from regulatory scrutiny, and its path to IPO introduces new financial pressures. Globally, this accelerates a "tri-polar" closed-loop structure in AI infrastructure, with Microsoft-OpenAI, Google-Anthropic, and Amazon-Anthropic forming exclusive model-cloud alliances. In contrast, China’s landscape differs—investments like Alibaba and Tencent backing open-source model firm DeepSeek reflect a more decoupled approach, though closed-source models from major cloud providers still dominate. The $65 billion bet is ultimately about securing a seat at the table in an AI-defined future—where missing the model layer means losing the cloud war.

marsbitHá 3h

Google and Amazon Simultaneously Invest Heavily in a Competitor: The Most Absurd Business Logic of the AI Era Is Becoming Reality

marsbitHá 3h

Computing Power Constrained, Why Did DeepSeek-V4 Open Source?

DeepSeek-V4 has been released as a preview open-source model, featuring 1 million tokens of context length as a baseline capability—previously a premium feature locked behind enterprise paywalls by major overseas AI firms. The official announcement, however, openly acknowledges computational constraints, particularly limited service throughput for the high-end DeepSeek-V4-Pro version due to restricted high-end computing power. Rather than competing on pure scale, DeepSeek adopts a pragmatic approach that balances algorithmic innovation with hardware realities in China’s AI ecosystem. The V4-Pro model uses a highly sparse architecture with 1.6T total parameters but only activates 49B during inference. It performs strongly in agentic coding, knowledge-intensive tasks, and STEM reasoning, competing closely with top-tier closed models like Gemini Pro 3.1 and Claude Opus 4.6 in certain scenarios. A key strategic product is the Flash edition, with 284B total parameters but only 13B activated—making it cost-effective and accessible for mid- and low-tier hardware, including domestic AI chips from Huawei (Ascend), Cambricon, and Hygon. This design supports broader adoption across developers and SMEs while stimulating China's domestic semiconductor ecosystem. Despite facing talent outflow and intense competition in user traffic—with rivals like Doubao and Qianwen leading in monthly active users—DeepSeek has maintained technical momentum. The release also comes amid reports of a new funding round targeting a valuation exceeding $10 billion, potentially setting a new record in China’s LLM sector. Ultimately, DeepSeek-V4 represents a shift toward open yet realistic infrastructure development in the constrained compute landscape of Chinese AI, emphasizing engineering efficiency and domestic hardware compatibility over pure model scale.

marsbitHá 3h

Computing Power Constrained, Why Did DeepSeek-V4 Open Source?

marsbitHá 3h

Memecoin Millionaires Line Up For Trump’s Exclusive Luncheon

A crypto investor paid only $500 to attend an exclusive luncheon with former President Donald Trump at Mar-a-Lago, reflecting a significant decline in enthusiasm compared to previous events. The TRUMP memecoin has lost over 93% of its value since its peak, falling from around $45 to under $3. Despite the collapse, nearly 300 top holders are expected to attend the gathering, which critics argue is an attempt to buy access to the president. Notable attendees include key figures from the industry like Tether CEO Paolo Ardoino and Bitcoin advocate Anthony Pompliano. However, Tron founder Justin Sun, the largest holder of the token, is absent amid a lawsuit against a crypto platform co-founded by Trump’s sons. Ethics watchdogs have raised concerns about conflicts of interest and lack of financial transparency.

bitcoinistHá 7h

Memecoin Millionaires Line Up For Trump’s Exclusive Luncheon

bitcoinistHá 7h

Why Bitcoin Price Failed To Breach $80K: An On-Chain Deep Dive

Bitcoin's price recently surged to a three-month high above $79,000 but struggled to break the $80,000 resistance. According to on-chain analysis, a key reason is the "True Market Mean Price," a metric representing the average cost basis of active market participants, which acted as a strong resistance level. Additionally, a shift in market sentiment toward FOMO (fear of missing out) and euphoria signaled caution among traders. Analysts suggest that a confirmed breakout would require holding above this level for about three days. As of the latest data, BTC is trading around $77,588.

bitcoinistHá 8h

Why Bitcoin Price Failed To Breach $80K: An On-Chain Deep Dive

bitcoinistHá 8h

XRP And Bitcoin Investors Are ‘Trapped’, But Is There A Way Out?

Crypto analyst RWA Investor claims that both XRP and Bitcoin short sellers are currently 'trapped.' He outlines a potential roadmap for XRP to reach a new all-time high of $7. The prediction involves XRP first breaking the $1.50-$1.60 range to rally to $2-$3, followed by a major pullback. A third wave is then expected to emerge, culminating in a final bear trap before a massive short squeeze propels the price to the $7 target. The analyst attributes this anticipated rally to Federal Reserve rate cuts and quantitative easing. Separately, analyst CasiTrades suggests XRP move to the $1.50-$1.53 range is still possible if Bitcoin approaches $79,900, provided XRP holds the $1.39 support level.

bitcoinistHá 9h

XRP And Bitcoin Investors Are ‘Trapped’, But Is There A Way Out?

bitcoinistHá 9h

Trading

Spot
Futuros
活动图片

Categorias popularesright-arrow

Etiquetas Popularesright-arrow