Bankrupt crypto platforms FTX and BlockFi warn customers of data breach

25 Aug 2023
Author Matthew Woods
Data breach

FTX and BlockFi, the dominant players in the cryptocurrency industry, issued a cautionary statement to their customers late on Thursday night, notifying them about a security breach that exposed confidential data through a third-party supplier.

Data breach - Figure 1
Photo therecord.media

Prior to their declaration of bankruptcy in November, these businesses had gained substantial popularity as cryptocurrency trading platforms. FTX had previously planned to acquire BlockFi prior to their downfall.

Similar to numerous crypto platforms that filed for bankruptcy last year, numerous FTX and BlockFi customers had funds deposited in their accounts on these services when they faced insolvency. Consequently, a substantial sum of cryptocurrency, valued at millions of dollars, remained uncertain and inaccessible while the companies underwent the bankruptcy proceedings.

Both FTX and BlockFi enlisted the services of consulting company Kroll to establish a platform for managing compensation claims, aiming to restore a portion of the funds that were lost when their operations faced significant setbacks.

On Wednesday, Kroll notified both companies about a "data breach".

FTX has been informed that Kroll, the claims agent handling the bankruptcy proceedings, recently encountered a cyber breach that affected the customer data of specific claimants involved in the ongoing bankruptcy case.

"The event took place at Kroll, and Kroll is informing the individuals impacted directly about the actions that customers can adopt in order to safeguard themselves. Kroll was not responsible for managing the passwords for FTX accounts, and FTX's internal systems remained unaffected."

FTX further stated that Kroll has given them reassurance that they "quickly controlled and resolved the situation." However, they cautioned users to remain vigilant against deceptive emails and deceitful phone calls.

BlockFi released a comparable statement, notifying users that an "unauthorized individual" managed to obtain customer data stored on Kroll platforms.

“To put it simply, BlockFi's internal systems and client funds were not affected. We can also verify that BlockFi account passwords were never saved on Kroll's platform,” the company stated on X (previously known as Twitter).

We wanted to inform you personally so that you can take additional measures to safeguard yourself. You don't have to do anything at the moment regarding your BlockFi account.

Both Kroll and the digital currency platforms failed to provide any response or answer queries regarding the number of affected users or the nature of the accessed information.

Similar to FTX, BlockFi encouraged its users to implement several precautions to safeguard their accounts. These precautions include practicing good online security habits, utilizing two-step verification, and utilizing a security function known as "allowlisting," which enforces a 7-day waiting period for any withdrawal of funds by customers.

"This greatly diminishes the chance of being affected by a malicious individual," BlockFi clarified, stating their intention to inform customers about the occurrence "prior to malevolent individuals being able to exploit this knowledge and harm clients."

"We recognized the importance of acting promptly, and we are swiftly conducting a comprehensive examination of the information. As we gather more specifics, we will be sending further updates via email to all clients impacted by this situation," they expressed.

According to the announcement, BlockFi and Kroll will never reach out to customers through phone calls, emails, or text messages to request personal details. The company advises users to visit the BlockFi website directly rather than clicking on any provided links.

According to the experts, customers should be prepared for an increase in the number of phishing attempts and unsolicited phone calls.

The BlockFi Official Committee of Unsecured Creditors, a group that speaks for ex-BlockFi users, has issued a cautionary message to its members regarding the occurrence. They have mentioned that they are actively collaborating with BlockFi and Kroll to comprehend the situation and determine the necessary actions to safeguard BlockFi customers.

According to BlockFi's statement, they highlight that this is not the inaugural cyberattack to hit an insolvent digital currency platform. Just three weeks prior, legal representatives of crypto platform Voyager had stated in a court of law that they too experienced a breach.

Similar to BlockFi, Voyager's connections to FTX played a role in the initiation of the insolvency proceedings.

The organization decided to enable its platform again for a period of 30 days, aiming to provide an opportunity for clients to withdraw a portion of their finances. However, the legal representatives of the company have stated that the platform experienced unauthorized access from cybercriminals within this 30-day timeframe. Presently, the company is collaborating with both law enforcement authorities and court officials to conduct a thorough examination of this unfortunate event.

According to a report by Bloomberg, the attorney cautioned that hackers had established numerous counterfeit websites to deceive customers of Voyager. These deceptive sites aimed to trick the customers into connecting their cryptocurrency wallets, ultimately resulting in the unauthorized withdrawal of funds.

blog section Enhance your understanding with the blog section

Jonathan Greig is a Breaking News Reporter for Recorded Future News. Since 2014, he has worked as a journalist in various countries around the world. Prior to returning to New York City, he gained experience working for news organizations in South Africa, Jordan, and Cambodia. In the past, he focused on cybersecurity reporting for ZDNet and TechRepublic.

Read more
Similar news
This week's most popular news