It appears that a data breach involving FTX bankruptcy claims agent Kroll has resulted in the leak of sensitive information, contrary to earlier reports.
In an alleged Kroll Q&A Summary published on Aug. 30, FTX users' email addresses, mailing addresses, account numbers, unique bankruptcy identifiers, account balances, phone numbers, and other claim details were all reportedly breached in a cybersecurity incident that took place on Aug. 25. Previously, FTX wrote that Kroll "experienced a cybersecurity incident that compromised non-sensitive customer data of certain claimants in the pending bankruptcy case."
Kroll Data Leak Urgent
Kroll email (25 Aug) saying that name, address, email address, and the balance in FTX account was leaked
On Kroll's Q&A they state the information leaked is the above +
FTX account no., Unique ID and Phone numbers
Creditors Please be Safe pic.twitter.com/HaYhttZLAs
Immediately after the incident, FTX said account passwords were not maintained by Kroll and that the firm's own systems along with its digital assets were not affected. A day later, the bankrupt exchange said it would temporarily freeze the accounts of affected customers within the claims portal.
According to the report, Kroll has since "contained and remediated" the incident. However, it warned that users should remain on "high alert" for "fraud and scam" attempts that appear legitimate via the stolen data. Shortly after the breach, multiple users began reporting phishing emails disguised as from Kroll.
New rounds of phishing attacks already underway for the poor users of FTX, BlockFi, Genesis, as a result of the Kroll data leak, which seems to be a result of a SIM swap on an employee.♂️
Learn to protect yourself. Learn about phishing