Kraken won‘t negotiate after extortion attempt with client data

The exchange’s head of security said there had been two incidents involving “inappropriate access” to client data, involving about 2,000 user accounts.

Kraken’s chief security officer said that the company would not be negotiating with a criminal group threatening to release certain information related to client data.

In a Monday X post, Nick Percoco reported an attempt to extort an unspecified amount from the cryptocurrency exchange by an unnamed group “threatening to release videos of our internal systems with client data shown.” He said Kraken’s systems “were never breached” and user funds were not at risk from the attempt.

“We will not pay these criminals,” said Percoco. “We will not ever negotiate with bad actors.”

According to Percoco, there had been two incidents involving “inappropriate access” to client data in February 2025 and “more recently,” involving about 2,000 user accounts. He added that Kraken was working with federal law enforcement to investigate the criminal group, potentially leading to arrests.

Related: US Treasury expands cybersecurity threat intel to crypto industry

The incident highlights how crypto exchange security protecting personal data and user funds remains paramount as the industry continues to expand. There have been numerous instances where individuals tied to crypto companies or with digital asset holdings have been extorted or faced attempts at extortion. 

In May 2025, Coinbase reported that cybercriminals threatened to leak user data in an attempt to extort $20 million out of the crypto exchange.

The breach, which the exchange said had compromised data from about 70,000 users, was the result of bribes to customer support contractors.

More than $178 million was lost across major crypto incidents in March 2026, up from February’s $49.3 million, according to blockchain intelligence firm Nominis.

Authorization abuse continued to represent the primary attack vector, according to the report, with multiple incidents last month involving victims unknowingly approving transactions that gave hackers direct access to their funds.

Magazine: Should users be allowed to bet on war and death in prediction markets?

Source: CoinTelegraph