Business and legal services provider Kroll has revealed it has suffered a cyber incident, which saw some files containing personal data of customers of bankrupt crypto platforms FTX, BlockFi Inc. and Genesis Global Holdco exposed.
Kroll said that a hacker gained access to a company employee’s T-Mobile account via a SIM-swapping attack, which took place on August 19, 2023. The attacker tricked T-Mobile into transferring the employee’s phone number to their phone.
The advisory firm said it is working with the FBI and a full investigation is underway. Kroll has added it has no evidence that its other systems or accounts were impacted.
FTX has acknowledged the data incident and said it is monitoring the situation.
“FTX learned that Kroll, the claims agent in the bankruptcy, experienced a cybersecurity incident that compromised non-sensitive customer data of certain claimants in the pending bankruptcy case,” the company said in a series of posts on social media platform X (Twitter).
BlockFi said it was working with Kroll to understand the impact of the breach and that its own systems or customer funds were not affected in the incident.
“We have been notified that the Debtors’ claims administrator Kroll experienced a hacking incident. BlockFi customers should be on guard for malicious emails or attempts at account hacking,” the company said.
