Kraken Exchange Faces Extortion After Insider Recorded System Footage

Summary

Kraken cryptocurrency exchange is facing extortion demands following two separate incidents where support staff members misused their access to record internal customer management system footage. While no funds or systems were compromised, the stolen videos of approximately 2,000 customer accounts are being used as leverage by unidentified threat actors. The company is working with law enforcement across multiple countries and has stated it will not negotiate with the attackers.

Full text

Cyber Crime Crypto SecurityKraken Exchange Faces Extortion After Insider Recorded System Footage Kraken exchange faces extortion after a staff member misused access to record internal systems, about 2,000 accounts affected, no funds or systems breached. byDeeba AhmedApril 14, 20262 minute read A US-based cryptocurrency exchange, Kraken (not to be confused with the Kraken ransomware group), is fighting off a ransom demand from yet publicly unidentified hackers following two separate security incidents. These hackers are using stolen video recordings of internal customer management systems as leverage, but Kraken, run by Payward Inc., has stated clearly that it will not negotiate or pay the attackers. What Happened In February 2025, Kraken started an internal investigation after being tipped about a video circulating on a criminal forum. Security teams found that the person behind it was a member of the exchange’s own support staff. While the company blocked their access and added new security controls, the risk didn’t end there. Recently, a second incident occurred involving a similar video, and Kraken’s investigation revealed another case of a support team member using their access wrongly. In total, hackers may have viewed the data of about 2,000 accounts- that is 0.02% of everyone who uses Kraken. Though the company claims no full system penetration happened, these stolen videos are now the main tool for the extortion attempt. Working with Law Enforcement Kraken is now working with federal law enforcement in several countries. Nick Percoco, the exchange’s Chief Security Officer, noted that there is enough evidence to identify and arrest those responsible. The company is also teaming up with other firms to stop insider recruitment efforts, as these campaigns often target workers in the crypto, gaming, and phone industries. In a detailed security update on X.com, Percoco explained that the company’s systems were never breached and funds were never at risk. He made it clear that Kraken will never negotiate with bad actors and that they are constantly improving their security to fight these new types of global threats. Kraken has already messaged anyone who might have been affected. Insider Threat Rising in Crypto Eliwood, a prominent Cyber Threat Intelligence (CTI) expert, called this incident a classic example of an insider threat, adding that even though the first staff member was caught a year ago, the stolen data is still a problem today. This shows how employees’ involvement in data theft can create long-term risks for any business. Other big crypto platforms have dealt with similar insider threats. As Hackread.com reported in May 2025, Coinbase faced a $20m ransom demand after a breach affecting 70,000 users, but it refused and offered the same amount as a reward for tips on the attackers. In that attack, hackers paid bribes to offshore workers to access customer records. According to blockchain analytics firm Nominis’ research, these attacks are becoming more common, with losses rising to $178 million in March 2026 from $49.3 million in February. Most of these involve authorisation exploitation, where hackers trick staff or users into providing access to digital assets, highlighting that the human element still remains the most vulnerable link in the security chain. Deeba Ahmed Deeba is a veteran cybersecurity reporter at Hackread.com with over a decade of experience covering cybercrime, vulnerabilities, and security events. Her expertise and in-depth analysis make her a key contributor to the platform’s trusted coverage. View Posts BlockchainCryptoCyber AttackCybersecurityExchangeExtortionInsider ThreatKraken Leave a Reply Cancel reply View Comments (0) Related Posts Security Business Hackers infect authentic 2FA app to infect Mac devices with malware It is believed that an infamous group is behind this malware. bySudais Asif Cyber Crime Phishing Scam Security Google Docs Phishing Scam Cost Minnesota State Thousands of Dollars Last Wednesday the Internet was full of news reports regarding a new sophisticated phishing scam using Google Docs to… byWaqas Cyber Crime UK National Cyber Crime Unit nabs 56 cyber criminals over the last week National Crime Agency, a London based law enforcement agency, has arrested as many as 56 individuals over the… byPushpa Mishra Security Simple Tips to manage and Prevent Social Engineering Attacks Social engineering attacks are propagated in different forms and through various attack vectors. It is a rapidly evolving art that keeps on being perfected every now and then byAli Qamar

Entities