Risk and financial advisory company Kroll has released additional details regarding the August data breach, which exposed the personal information of FTX bankruptcy claimants.
Kroll said the exposed data included coin holdings and balances, which would allow threat actors to pinpoint attractive targets who invest heavily in the cryptocurrency markets.
Just like in its August statement, Kroll advised all those affected by the incident to remain vigilant and take precautions to protect their accounts.
Kroll also warned of potential incoming phishing emails, text messages, and social media messages aiming to deceive and gain unauthorized access to affected FTX customers' cryptocurrency accounts and digital assets.
Never share your passwords, seed phrases, private keys, and other secret information with untrusted individuals, applications, websites, or devices.
Never presume an email or other communication is legitimate because it contains information about their claim or FTX account.
Always verify information that they receive from any other website about the FTX bankruptcy case or their claim by visiting the website of the Claims Agent, Kroll Restructuring Administration LLC: https://restructuring.
To protect assets against targeted phishing attacks, investors should store their crypto in cold wallets that make it more difficult to be stolen by threat actors.
Kroll confirmed in a statement published on August 25 that one of its employees was a victim of a SIM-swapping attack after hackers targeted their T-Mobile account and stole their phone number.
After Kroll's breach disclosure, phishing emails began targeting affected individuals impersonating FTX and claiming that the recipient was eligible to withdraw digital assets from their accounts.
The phishing messages matched the recipients' last known balance on the cryptocurrency platforms.
The attackers' ultimate goal was to trick the targets into giving away the seeds that protect their cryptocurrency wallets, allowing the hackers to empty them.
Even though Kroll handles restructuring cases for hundreds of organizations, a spokesperson told BleepingComputer after the August breach that the scope of the impact is limited to the FTX, BlockFi, and Genesis Global Holdco crypto-investment companies and their creditors.
Kroll has not yet disclosed the sensitive information belonging to the creditors of BlockFi and Genesis that was also exposed during the breach.
Panasonic discloses data breach after December 2022 cyberattack.
Mortgage firm LoanCare warns 1.3 million people of data breach.
Yakult Australia confirms 'cyber incident' after 95 GB data leak.
Integris Health patients get extortion emails after cyberattack.
Mint Mobile discloses new data breach exposing customer data.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 28 Dec 2023 18:10:03 +0000