{"id":25844,"date":"2026-04-14T14:07:49","date_gmt":"2026-04-14T14:07:49","guid":{"rendered":"https:\/\/bitunikey.com\/news\/kraken-refuses-ransom-after-internal-extortion-attempt-hits-2000-accounts\/"},"modified":"2026-04-14T14:07:59","modified_gmt":"2026-04-14T14:07:59","slug":"kraken-refuses-ransom-after-internal-extortion-attempt-hits-2000-accounts","status":"publish","type":"post","link":"https:\/\/bitunikey.com\/news\/kraken-refuses-ransom-after-internal-extortion-attempt-hits-2000-accounts\/","title":{"rendered":"Kraken refuses ransom after internal extortion attempt hits 2,000 accounts"},"content":{"rendered":"<p><\/p>\n<div class=\"post-detail__content blocks\">\n<p class=\"is-style-lead\">Kraken rebuffs a criminal extortion bid after improper internal access exposed data on about 2,000 accounts but says no systemic breach or client fund risk.<\/p>\n<div id=\"cn-block-summary-block_79cc498e3b8f3be8d733e7c0ea3ed9eb\" class=\"cn-block-summary\">\n<div class=\"cn-block-summary__nav tabs\">\n        <span class=\"tabs__item is-selected\">Summary<\/span>\n    <\/div>\n<div class=\"cn-block-summary__content\">\n<ul class=\"wp-block-list\">\n<li>Kraken says it is being extorted by a criminal group threatening to leak videos of internal system access but insists there was no systemic breach and no client funds at risk.<\/li>\n<li>The exchange links the incident to improper access by people tied to its customer support team that touched data on about 2,000 accounts, roughly 0.02% of users.<\/li>\n<li>Chief security officer Nick Percoco says Kraken has cut off access, notified affected users and is working with law enforcement as \u201cinternal infiltration + social engineering\u201d attacks grow.<\/li>\n<\/ul><\/div>\n<\/div>\n<p><!-- .cn-block-summary --><\/p>\n<p>Cryptocurrency exchange Kraken says it is being blackmailed by a criminal organisation that claims to have videos showing access to the company\u2019s internal systems, but has vowed not to pay any ransom and maintains that customer funds remain safe. In a statement cited by CoinDesk, the platform stressed there had been \u201cno systemic breach\u201d of its trading infrastructure or wallets, describing the incident as a targeted abuse of internal access rather than a successful hack of core systems.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<p>Kraken said the episode stems from improper access by individuals linked to its customer service operation in two separate incidents, which together exposed limited data on around 2,000 accounts, or roughly 0.02% of its total user base. Those users have been notified, the exchange added, while the people involved have had their credentials revoked and been cut off from internal tools as Kraken tightens monitoring and access controls.<\/p>\n<h1 class=\"wp-block-heading\" id=\"internal-infiltration-social-engineering-and-krake\">Internal infiltration, social engineering and Kraken\u2019s response<\/h1>\n<p>Chief security officer Nick Percoco, who has previously called a separate $3 million exploit of Kraken\u2019s systems \u201cnot white hat hacking, it is extortion,\u201d said the company is again treating the new threats as a criminal matter and is cooperating with law enforcement. He told reporters Kraken believes it has sufficient evidence \u201cto identify and help arrest\u201d those behind the latest extortion attempt and reiterated that the platform will not negotiate with actors trying to monetize internal access.<\/p>\n<p>According to the company\u2019s description, the attack reflects a rising pattern of \u201cinternal infiltration + social engineering,\u201d in which outsiders work to compromise or recruit people inside service organisations in order to gain read\u2011only access, reconnaissance footage or limited customer data rather than directly attacking hardened wallet systems. Earlier this year, a dark\u2011web listing claiming $1 access to Kraken\u2019s internal support panel and KYC data prompted similar concerns, though the exchange did not confirm a breach and security researchers warned that even read\u2011only access to support tools could be weaponised for phishing and targeted scams.<\/p>\n<p>The new extortion attempt lands after a separate March incident in which a Kraken user reportedly lost about 7,784 ETH and 26.5 BTC \u2014 worth roughly $18.2 million \u2014 to a sophisticated social\u2011engineering scheme before the funds were moved to HitBTC, underscoring the spectrum of threats facing both platforms and customers. As blockchain analytics firm EmberCN and others have noted, even where exchange treasuries and hot wallets remain uncompromised, lapses in human controls \u2014 from customer\u2011support access to user opsec \u2014 can still translate into large losses and reputational damage.<\/p>\n<p>For Kraken, the latest case is a stress test of its long\u2011promoted security culture, which includes mandatory two\u2011factor authentication, hardware\u2011key support and regular public messaging from Percoco on account\u2011protection best practices. For the wider industry, it is another reminder that in a market where a single compromised credential can dangle millions of dollars in front of attackers, the biggest risks often sit at the intersection of internal access, human error and old\u2011fashioned extortion \u2014 not just in zero\u2011day code.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Kraken rebuffs a criminal extortion bid after improper internal access exposed data on about 2,000 accounts but says no systemic breach or client fund risk. Summary Kraken says it is&hellip;<\/p>\n","protected":false},"author":1,"featured_media":1896,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-25844","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/25844","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=25844"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/25844\/revisions"}],"predecessor-version":[{"id":25845,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/25844\/revisions\/25845"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/1896"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=25844"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=25844"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=25844"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}