Crypto Investor Data Stolen From Kroll In SIM Swap – Source: www.databreachtoday.com

Blockchain & Cryptocurrency
,
Cryptocurrency Fraud
,
Fraud Management & Cybercrime

FTX, BlockFI and Genesis Claimants at Risk of Phishing

Mihir Bagwe (MihirBagwe) •
August 28, 2023    

Kroll is warning claimants in three major cryptocurrency bankruptcy cases that hackers obtained their personal data after attackers convinced a mobile carrier to redirect an employee’s phone number to their own device.

Kroll Restructuring Administration is the claims agent for insolvent cryptocurrency platforms FTX, BlockFi and Genesis. In a Friday advisory, it disclosed an Aug. 19 SIM swapping attack resulting in the malicious “access to certain files containing personal information of bankruptcy claimants” in the three cases.

See Also: Live Webinar | Unmasking Pegasus: Understand the Threat & Strengthen Your Digital Defense

The company said the attacker convinced a T-Mobile operator to redirect the phone number of a Kroll employee to a different smartphone. T-Mobile did not immediately respond to Information Security Media Group’s request for comment. BlockFi tweeted that an unauthorized actor gained access to customer data held on Kroll platforms, but said its internal systems and client funds were not impacted. “We can also confirm that BlockFi account passwords were never stored on Kroll’s platform,” the company added. “No action is needed on your BlockFi account at this time.”

FTX published a similar message, stating that the breach “compromised non-sensitive customer data of certain claimants in the pending bankruptcy case.”

Genesis did not release a statement, but a notice from the firm on Kroll’s platform said the incident did not affect Genesis systems or its digital assets.

The three companies and Kroll urged users to remain alert for attempted fraud and scam emails impersonating parties involved in the bankruptcy case. “The attacker might use this information in a further scam, for example in phishing e-mails to try to trick you into giving up control over your cryptocurrency accounts, wallets or other digital assets,” the Genesis notice says.

Hackers appear to have already begun to target potential victims with phishing messages. An X platform user called Bluntz_Capital, tweeted about receiving four phishing mails while another, using the moniker RiseXBT, tweeted about receiving 15 phishing mails.