Kroll suffered a hack that led to the personal information of customers who use FTX, BlockFi, and Genesis.
The company both provides cybersecurity consulting and gathers creditor claims on behalf of bankrupt companies. At that moment, they were working with those three bankrupt cryptocurrency platforms when they noticed an attack.
“A cyber threat actor targeted a T-Mobile US., Inc. account belonging to a Kroll employee in a highly sophisticated “SIM swapping” attack,” said an advisory posted by Kroll. “Specifically, T-Mobile, without any authority from or contact with Kroll or its employee, transferred that employee’s phone number to the threat actor’s phone at their request.”
This SMS scam allows hackers to activate a SIM card on their own device using a victim’s phone number. Once activated, they can intercept their calls, texts, and important messages.
While the full scope of what detail was obtained and how severe the hack was, Kroll stated that there was no evidence other systems had been affected.
Kroll also responded quickly, securing the affected accounts and working with the Federal Bureau of Investigation (FBI) to launch a full investigation into what happened.
Hackers have already begun impersonating FTX employees through malicious phishing emails, claim several X users, who posted pictures of fraudulent emails wanting users to connect their cryptocurrency wallets to a third-party source.
“FTX has taken the precautionary measure of temporarily freezing affected user accounts within the customer claims portal,” explains FTX in a recent post on X.
Kroll ends its security advisory by reminding customers that you should never share your private crypto keys, passwords, or personally identifiable information with strangers, even if they claim to represent someone you may know.
You should also be especially wary of suspicious links to external sources, often times just clicking the link can begin installing malware on your device.