Kraken Rejects Ransom Demand After Limited Data Exposure In Two Breaches Report

TLDR

• Kraken said about 2,000 accounts were potentially viewed across two breaches.
• The exchange said no system was breached and customer funds were never at risk.
• Kraken linked the incidents to improper access by customer support team members.
• The company said it rejected the ransom demand and contacted affected users.

Kraken said it rejected a ransom demand after two security incidents exposed limited customer data. The exchange said the events affected about 2,000 accounts. It also said no core system was breached, and customer funds stayed safe.

The company linked both incidents to improper access by people tied to its customer support team. Kraken said the attackers later threatened to release videos of unauthorized internal access. The exchange said it would not pay and would not negotiate.

Limited exposure reported across two incidents

Kraken said the data exposure took place in two separate incidents. The company said the number of affected accounts was very small. It estimated that about 2,000 accounts were potentially viewed.

That figure equals about 0.02% of Kraken’s total customer base. The exchange said the exposure involved limited customer data. It did not describe a wider breach of its systems.

Nick Percoco, Kraken’s Chief Security Officer, addressed the matter in a public statement. He said ”no systems were breached, and customer funds are not at risk”. He also said the company had already stopped one extortion attempt.

Kraken said it contacted the users who may have been affected. It also said it reviewed the incidents and tightened internal controls. The company described the response as immediate and targeted.

Kraken says it will not pay attackers

Kraken said a criminal group demanded payment and threatened to release internal videos. According to the company, those videos showed support staff accessing internal client systems. The group also claimed to hold limited customer data.

The exchange said it would not meet those demands. Percoco said Kraken ”will not ever negotiate with bad actors”. He added that customer security remains the company’s top priority.

Kraken also said it is working with federal law enforcement. It said industry security experts are helping with the case. The company believes it has evidence that could help identify those involved.

The exchange said the threat did not affect customer balances or asset custody. It repeated that funds were secure at all times. That message formed the center of its response.

Internal access became the focus of the case

Kraken said the incidents came from improper access actions by individuals linked to its support team. One reported case happened in February. A second case followed a similar pattern, according to the company.

In both cases, Kraken said it identified the people involved and removed their access. It also said it has now terminated those individuals’ privileges. The company presented the matter as an internal security issue, not a platform breach.

Percoco said current threats often use insider infiltration and social engineering. He said those methods are becoming more common across crypto and other sectors. He also said the company is working to disrupt recruitment efforts aimed at insiders.

Kraken noted that these efforts do not target crypto firms alone. It said gaming and telecommunications companies also face similar threats. That broader pattern has drawn law enforcement attention.

Wider industry pressure remains in focus

The case adds to recent concerns about insider risk in the digital asset sector. Crypto companies often manage high-value assets and large user bases. That makes support teams and internal tools attractive targets.

Kraken pointed to a wider trend in which attackers seek employee access instead of direct system breaches. This approach can expose customer data even when core systems remain secure. The company said that was the pattern seen here.

The exchange said it has strengthened its controls after the incidents. It also said it remains committed to improving internal security practices. At the same time, it continues to assist investigators.

The post Kraken Rejects Ransom Demand After Limited Data Exposure In Two Breaches Report appeared first on CoinCentral.