Kroll Employee SIM-Swapping Attack Exposes BlockFi & FTX User Data
Kroll, a leading security consulting firm, has disclosed a SIM-swapping attack on one of its employees. This incident resulted in the theft of user information from various cryptocurrency platforms, including BlockFi and the collapsed FTX. The attack has raised concerns about the security of people with financial ties to these platforms.
The attack, which took place in August 2023, targeted a T-Mobile phone number belonging to the Kroll employee. This allowed the attackers to access personal information of bankruptcy claimants in matters involving BlockFi, FTX, and Genesis. Following this breach, both BlockFi and FTX reported data breaches this week.
SIM-swapping groups often target employees to gain access to their phone numbers, enabling them to hijack the target's digital life. In this case, the attackers exploited the employee's phone number to access sensitive user information. Phishing emails targeting FTX users have since been reported, suggesting that fraudsters may already be exploiting the stolen data.
The SIM-swapping attack against the Kroll employee highlights the risk of SIM-swapping and phishing attacks for people with financial ties to BlockFi, FTX, or Genesis. To mitigate such risks, minimizing reliance on mobile phone companies for security is advised. This includes removing phone numbers from online accounts whenever possible. Kroll, despite specializing in cyber risk management and data breach investigations, has been reminded of the importance of securing its employees' personal information.
Read also:
- Mars Petcare Opens Gold-LEED Certified Center, Aims for Carbon Neutrality by 2040
- Planned construction of enclosures within Görlitzer Park faces delays
- Controversy resurfaces following the elimination of diesel filter systems at Neckartor: A renewed conflict over the diesel restriction policy
- Perennial Seeks Growth Marketing & GTM Associate for Carbon Removal Mission
