By MAX, CryptoCity
Kraken Stands Firm: Refuses Ransom Payment in Face of Extortion Threat
Cryptocurrency exchange Kraken recently found itself at the epicenter of a sophisticated extortion attempt targeting its internal systems. However, the company has chosen a resolute path, publicly declaring its refusal to negotiate with criminals or yield to their demands. Nick Percoco, Kraken’s Chief Security Officer (CSO), disclosed on social media platform X that an unidentified criminal organization claimed possession of videos detailing the exchange’s internal operations and sought an undisclosed ransom.
The perpetrators threatened to disseminate these internal videos, potentially containing customer data, across social media and to news agencies unless their demands were met. Percoco’s response was unequivocal: “We will not negotiate with criminals, and we will never pay ransom to malicious actors.” This uncompromising stance is a significant statement within the crypto industry, where paying ransoms can inadvertently fuel and embolden cybercriminal enterprises.
Kraken has reassured its users that despite the criminals’ claims of possessing some footage, the exchange’s core trading systems were never compromised. User funds and transaction security remain robust and unaffected by this incident.
Internal Privilege Misuse Impacts 2,000 Users, Funds Remain Secure
The root of this extortion saga traces back to two distinct security incidents involving the misuse of internal privileges. Kraken elaborated on these events:
- First Incident (February 2025): The company received intelligence regarding videos circulating on criminal forums, purportedly showcasing Kraken’s customer support system backend. A swift and thorough internal investigation led to the identification of a support team employee, whose access privileges were immediately revoked.
- Second Incident (Recent): Kraken received further alerts and videos indicating another staff member had improperly accessed customer data.
Collectively, these two incidents affected the account data of approximately 2,000 users, a minuscule 0.02% of Kraken’s global user base of millions. Crucially, the breaches stemmed from internal personnel misusing support tools, not from an external hack of the core trading system. The compromised information primarily involved read-access data related to customer service, rather than sensitive financial controls or private keys. Kraken has since notified all affected users individually and has significantly reinforced its internal system monitoring and access restrictions.
Insider Threats: A Growing Challenge for the Crypto Industry
Kraken’s experience underscores a burgeoning security threat prevalent across the cryptocurrency landscape. Criminal organizations are increasingly shifting tactics, employing high-value bribes or social engineering to recruit insiders within crypto firms, gaming companies, and even telecommunication providers. These recruited “moles” then serve as conduits for obtaining sensitive system information.
For instance, rival exchange Coinbase faced a similar extortion attempt in May 2025, where criminals allegedly bribed outsourced customer service personnel to acquire data belonging to approximately 70,000 users. The incident was tied to a reported $20 million ransom demand.
- Related News: Coinbase Faces Insider Leak of User Data, Potential $400M Loss, $20M Bounty Offered for Hackers
Similarly, digital asset firm Galaxy Digital recently addressed an unauthorized access incident within its development environment.
Data from blockchain intelligence firm Nominis highlights the escalating risk. In March 2026 alone, the crypto industry suffered losses totaling $178 million due to various attacks, a sharp increase from $49.3 million in February. The rising frequency of criminals exploiting internal personnel for reconnaissance or privilege abuse demonstrates that attacks targeting human vulnerabilities are often more potent than purely technical breaches.
Kraken’s Counter-Offensive: Collaborating with Law Enforcement Amidst Regulatory Scrutiny
Beyond its steadfast refusal to pay ransom, Kraken has proactively launched a counter-offensive, engaging federal law enforcement agencies across multiple jurisdictions in a transnational investigation. Nick Percoco indicated that the evidence gathered by the company is sufficient to aid in identifying and apprehending the criminals responsible. This security battle transcends mere data defense, evolving into a broader fight for legal accountability and justice.
Simultaneously, Kraken navigates domestic political scrutiny. U.S. Representative Maxine Waters recently challenged the Federal Reserve Bank of Kansas City, seeking clarification on its decision to grant Kraken “limited-purpose accounts.” These accounts enable Kraken to access the U.S. payment system, operating through the Federal Reserve, a move Waters fears could introduce unforeseen financial risks.
- Related News: U.S. Lawmakers Question Legality of Kraken’s Federal Reserve Access
As Kraken confronts digital extortionists, it must also uphold its operational stability and security within a highly transparent regulatory landscape. For this veteran exchange, founded in 2011, this confluence of internal management, technical defense, and political public relations represents a comprehensive and critical stress test.
(The above content is excerpted and reproduced with authorization from our partner “CryptoCity”, original link)
Disclaimer: This article provides market information only. All content and views are for reference only and do not constitute investment advice. They do not represent the views and positions of BlockTempo. Investors should make their own decisions and trades. The author and BlockTempo will not bear any responsibility for direct or indirect losses incurred by investors’ transactions.
