BlockFi, FTX downplay data breach involving claims administration platform Kroll

The breach Thursday calls into question the security measures employed by the third-party vendor


John Hanson Pye/Shutterstock, modified by Blockworks


Embattled crypto firms BlockFi and FTX said they have both been indirectly affected by a cybersecurity breach involving third-party claims administration platform Kroll. 

BlockFi issued a statement on Wednesday attempting to assuage concerns that its internal systems and funds had not been affected by the breach that had occurred Tuesday. Kroll has reportedly confirmed unauthorized access to certain client data stored on its system.

Kroll is currently serving as the claims agent in the bankruptcy cases of both companies, facilitating the submission and administration of debtor claims through online portals

“To be clear, BlockFi’s internal systems and client funds were not impacted,” BlockFi said in its statement. “We understand this is frustrating. In the spirit of transparency, we wanted to make our clients aware of this incident before bad actors could utilize this information to clients’ detriment.”

Defunct crypto exchange FTX announced a similar incident, which it said had occurred on Kroll’s platform and that its own system and account passwords had also not been affected.

In a post on X, formerly Twitter, FTX said non-sensitive customer data of claimants had been compromised. Kroll has since taken measures to contain and remediate the incident, per the statement.

“Kroll is notifying affected individuals directly with measures that customers can take to protect themselves,” FTX said.

FTX collapsed late last year following allegations it had misappropriated customer funds through sister trading firm Alameda Research. BlockFi simultaneously fell victim to a liquidity crunch following its exposure to FTX through loans made to Alameda as well as funds trapped on FTX.

BlockFi is attempting to foil efforts by FTX, as well as former Singapore-based hedge fund firm Three Arrows Capital, over claims to billions of dollars they say are owed to them by the former crypto lender.

Both companies advised clients Thursday to remain vigilant for attempted fraud, phishing attempts and scam emails impersonating parties connected to the security breaches.

BlockFi also warned of an expected uptick in spam phone calls and phishing attempts against other bankrupt crypto firms in the weeks and months ahead.

FTX and BlockFi said they were monitoring the situation. Blockworks attempted to contact Kroll but has so far received no response.

Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.


Upcoming Events

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research

Screenshot 2024-05-23 091855.png


Bitcoin L2s aim to boost scalability while preserving decentralization and security, unlocking a better user experience, and new avenues for Bitcoin-powered innovations. However, no existing Bitcoin L2 leverages the full security of Bitcoin.



The convergence of AI and blockchain on Polkadot represents a groundbreaking opportunity for investors and developers alike


The company is making public a previously private offer rejected by Bitfarms’ board of directors last month


Semler Scientific, a publicly traded medical tech company, joined MicroStrategy by buying up millions of bitcoin


As someone who’s been knee-deep in the trenches of blockchain development, I can’t help but wonder if these behemoths are really cutting it anymore


UNI and MKR are suffering from the successes of their respective protocols


Maybe there’s no silver bullet to avoiding most tokens dumping after launch…