You don’t usually expect a crypto exchange to admit something like this publicly, but Kraken has done exactly that. The company says a criminal group is trying to extort it, claiming they have access to some customer information.
According to Kraken’s chief security officer, Nick Percoco, the situation doesn’t involve stolen funds, which is often the biggest fear in cases like this. Instead, the concern is around limited personal data. That includes things like names and addresses, not passwords or crypto balances. Still, even that kind of information can be sensitive, especially in a space where privacy matters a lot.
The company says it’s already working with law enforcement across different countries to track down those involved. While Kraken hasn’t shared how much money the attackers are demanding, the fact that this is being treated as an extortion case shows how serious the situation is.
Jeminipe Fasheun-Motesho
How the Data May Have Been Exposed
What makes this case stand out is how the data may have been accessed. It wasn’t a typical hack involving code or system vulnerabilities. The issue, rather, appears to have come from inside the system.
In two separate incidents, one in 2025 and another earlier this year, customer support staff allegedly took photos and videos of internal data. That detail points to a different kind of weakness, one that has been growing across the crypto industry.
We’re now seeing that, by breaking through firewalls, attackers are increasingly targeting people, likely because it could be easier to manipulate or bribe someone with access than to crack a secure system. That shift is becoming more visible as exchanges strengthen their technical defenses.
But this isn’t happening in isolation. Across the crypto industry, there has been a clear move toward what some call the “human layer” attacks.
Ari Redbord, who works in policy and investigations at TRM Labs, explained that “What we are seeing is a shift toward the human layer. As technical defenses get stronger, the focus moves to the people inside the system, especially those whose job is to be accessible and helpful.”
What This Means for Kraken Users
For affected users, the company has already started reaching out with warnings. Around 2,000 customers may have had some of their data exposed, and they’re being advised to stay alert for suspicious messages or attempts at fraud.
Even though funds weren’t touched, having personal information exposed can lead to phishing attacks or targeted scams. In crypto, where transactions cannot be reversed, even small mistakes can have big consequences.
Kraken’s response suggests it is trying to stay ahead of the situation. By being open about the issue and involving authorities early, the exchange is aiming to contain both the damage and the reputational impact.
This incident comes at a time when trust in crypto platforms is already under pressure. In just the past year, several high-profile cases have shown how quickly things can go wrong.
In 2026 alone, the Drift Protocol hack saw attackers drain about $285 million in minutes, making it one of the biggest breaches of the year and exposing how even advanced systems can be manipulated through a mix of technical and human weaknesses.
That shift is becoming clearer across the industry. In 2025, hackers targeted Coinbase by bribing customer support agents to access user data, turning insiders into entry points instead of breaking through code.
Against that backdrop, cases like Kraken’s highlight an uncomfortable truth. Security is no longer just about code. It is also about people, processes, and how information is handled at every level.
David Adubiina
