Kraken Extortion Plot Explodes — Should Traders Continue To Trust Exchanges With Their Personal Data?
TL;DR
Kraken is facing extortion from a criminal group claiming to have accessed client account information due to insider incidents involving customer support staff. The exchange's Chief Security Officer confirmed the threats to release videos showing client data.
Key points
- Kraken is being extorted by a criminal group.
- Threats include releasing videos of client data.
- Access to data was due to insider incidents.
- Customer details like names and addresses may be exposed.
- Kraken's systems were not externally hacked.
The group extorting Kraken is claiming access to some client account information after two insider incidents involving customer support staff.
Kraken’s Extortion Plot: An Insider-Play
Yesterday, on a post on the social network X, Nick Percoco, Kraken’s Chief Security Officer (CSO), made public that a criminal group is extorting the crypto exchange with threats to release videos of their systems exposing client data.
Kraken Security Update
We are currently being extorted by a criminal group threatening to release videos of our internal systems with client data shown if we do not comply with their demands. It’s important to start with the most important points: our systems were never…
— Nick Percoco (@c7five) April 13, 2026
Now, according to Bloomberg, the incident is not a classic external hack, but rather an insider‑access problem. A small set of customer details, such as names and physical addresses, may have been exposed after support employees captured photos and videos of internal screens in two separate incidents, one in 2025 and another earlier this year.
The company has reportedly warned the potentially affected clients to be especially cautious about anyone contacting them. Bloomberg’s source is a “person familiar with the matter who declined to be named because the details haven’t been made public”.
Around 2,000 accounts and roughly 0.02% of users were affected. The exposure is limited to basic support data such as names and addresses. Kraken stresses there was no system hack and client funds and trading infrastructure remain secure.
Kraken has openly dismissed the extortion attempt, stating that it “will not pay these criminals” and “will not ever negotiate with bad actors”. Percoco’s post clarifies that Kraken is working with federal law‑enforcement agencies across multiple jurisdictions. and that the CEX has gathered enough evidence to help identify those responsible.
A Long List Of CEX’s Customer Services Vulnerabilities
Although it may sound rather specific, this is not the first time a big CEX is hit with an insider-access problem that vulnerates customers data through the costumer service of the exchange. It’s not even Kraken’s first rodeo with this sort of issue.
Back in January, Dark Web Informer reported that a read-only version of Kraken’s internal customer support system was being sold for a negotiable single dollar on a dark web forum.
🚨🦑 Kraken cryptocurrency exchange panel access being sold on a dark web forum – read-only account with user profiles and transaction history.
Access details:
▪️ View only – user profiles and transaction history
▪️ Generate support tickets to phish or extract more data
▪️ No… pic.twitter.com/7LsxRNMkYa— Dark Web Informer (@DarkWebInformer) January 1, 2026
Also in mid-2025, Kraken and Binance were hit by the same social‑engineering push that previously led to a successful customer data breach at Coinbase, where attackers zeroed in on support staff. The attackers allegedly approached customer service agents at the exchanges and offered bribes in return for access to user information. Our sister website Bitcoinist covered the story.
This past February, a crypto trader claimed an ex‑Revolut staffer tried to blackmail him, threatening to expose his personal data unless he paid. Revolut claimed the allegation was referred to law‑enforcement authorities.
Market Implications
This incident reinforces a key market theme: in the post‑ETF, higher‑regulation cycle, “counterparty risk” on centralized exchanges is shifting from pure asset custody to data security and insider controls.
While no immediate outflows or price shocks are visible, repeated data‑exposure headlines can push more flows toward exchanges with stronger transparency reports, on‑chain venues, or self‑custody solutions.
At the moment of writing, BTC trades for the high $71ks on the daily chart. Source: BTCUSD on Tradingview.
Cover image from Perplexity. BTCUSD chart from Tradingview.
Q&A
What is the nature of the extortion plot against Kraken?
The extortion plot involves a criminal group threatening to release videos of Kraken's internal systems that expose client data.
How did the criminal group gain access to Kraken's client data?
The group claims to have accessed client data through insider incidents where support staff captured photos and videos of internal screens.
What specific client information may have been exposed in the Kraken incident?
The exposed client information may include names and physical addresses of a small set of customers.
What actions is Kraken taking in response to the extortion threat?
Kraken is addressing the extortion threat publicly and has stated that their systems were never compromised in a classic external hack.
