Crypto.com chief executive Kris Marszalek has rejected claims that the exchange failed to disclose a 2023 security incident, framing the controversy as misinformation from uninformed sources.
His rebuttal came after a Bloomberg investigation alleged the company had quietly endured a cyberattack linked to Scattered Spider, a group known for tricking employees into surrendering access credentials.
According to Bloomberg, members of the group impersonated the exchange’s internal IT staff and convinced several workers to share their login details.
The attackers allegedly attempted to escalate their access with those credentials by targeting senior accounts.
The report argued that Crypto.com did not adequately disclose the incident, raising criticisms from security experts about the transparency at one of the industry’s largest exchanges.
Crypto.com’s response
In a Sept. 22 post on X, Marszalek stressed that “any suggestion that we did not report or disclose a security incident is completely unfounded.”
He stated:
According to him, the firm had filed a Notice of Data Security under the Nationwide Multistate Licensing System and submitted additional reports to regulators in relevant jurisdictions.
Marszalek explained that the incident stemmed from a phishing campaign aimed at one employee and was neutralized within hours. He said no customer funds were exposed, and the only compromise involved partial personally identifiable information belonging to a limited number of users.
He added:
CRO plunges
The controversy coincided with the sharp volatility in the broader crypto market, resulting in Crypto.com’s Cronos token dropping 10% in the past 24 hours to $0.20 at press time.
According to CryptoSlate’s data, this decline mirrored wider market weakness, which saw Bitcoin and Ethereum tumble, triggering roughly $1.7 billion in liquidations across exchanges.
Mentioned in this article
Source: https://cryptoslate.com/crypto-coms-cronos-token-dip-10-amid-ceo-denial-of-undisclosed-cyberattack-allegations/
