Kraken Refuses Extortion After Insiders Exposed 2,000 Client Accounts
STORY
RAVE
READ
IP
REAL
Kraken said it is being extorted by criminals threatening to release videos of internal systems after two insider-related data access incidents exposed roughly 2,000 client accounts.
Insider Access Details
Nick Percoco, chief security officer at Kraken's parent company Payward, disclosed on Apr. 13 that the exchange identified and terminated two support team members who improperly accessed limited client data.
The first case emerged in Feb. 2025 after the company received a tip about a video circulating on a criminal forum. Kraken revoked the employee's access, conducted a full investigation and notified affected clients.
A second incident followed a similar pattern. The exchange again acted to cut access and alert impacted users. Across both cases, approximately 2,000 accounts were potentially viewed, representing 0.02% of Kraken's total client base.
"Our systems were never breached; funds were never at risk; we will not pay these criminals; we will not ever negotiate with bad actors," Percoco wrote on X.
Kraken said the extortion demands arrived shortly after the second employee's access was revoked.
Also Read:Crypto Funds Pull $1.1B In Best Week Since January As Risk Appetite Returns
Kraken Law Enforcement Response
The company said it believes it has gathered sufficient evidence to identify and arrest those responsible. Kraken is now working with federal law enforcement across multiple jurisdictions to pursue all individuals involved.
Percoco noted that the investigation has uncovered broader insider recruitment efforts targeting not only crypto firms but also gaming and telecommunications companies.
The exchange did not share additional details, citing the active investigation.
Kraken Security Incidents History
This is not the first time Kraken has dealt with extortion. In June 2024, an entity claiming to be a security researcher exploited a zero-day vulnerability to withdraw roughly $3M from the exchange's treasury, then demanded payment rather than returning the funds. Kraken treated that case as a criminal matter and cooperated with law enforcement.
The pattern of insider threats across the crypto industry has intensified in recent years.
North Korean operatives, in particular, have targeted exchanges through fabricated job applications, with Kraken itself catching one such attempt during a job interview in 2025.
