Kraken Extortion Plot Explodes — Should Traders Continue To Trust Exchanges With Their Personal Data?

The group extorting Kraken is claiming access to some client account information after two insider incidents involving customer support staff.

Yesterday, on a post on the social network X, Nick Percoco, Kraken’s Chief Security Officer (CSO), made public  that a criminal group is extorting the crypto exchange with threats  to release videos of their systems exposing client data.

Kraken Security Update

We are currently being extorted by a criminal group threatening to release videos of our internal systems with client data shown if we do not comply with their demands. It’s important to start with the most important points: our systems were never…

— Nick Percoco (@c7five) April 13, 2026

Now, according to Bloomberg, the incident is not a classic external hack, but rather an insider‑access problem. A small set of customer details, such as names and physical addresses, may have been exposed after support employees captured photos and videos of internal screens in two separate incidents, one in 2025 and another earlier this year.

The company has reportedly warned the potentially affected clients to be especially cautious about anyone contacting them. Bloomberg’s source is a “person familiar with the matter who declined to be named because the details haven’t been made public”.

Around 2,000 accounts and roughly 0.02% of users were affected. The exposure is limited to basic support data such as names and addresses. Kraken stresses there was no system hack and client funds and trading infrastructure remain secure.

Kraken has openly dismissed the extortion attempt, stating that it “will not pay these criminals” and “will not ever negotiate with bad actors”. Percoco’s post clarifies that Kraken is working with federal law‑enforcement agencies across multiple jurisdictions. and that the CEX has gathered enough evidence to help identify those responsible.

Although it may sound rather specific, this is not the first time a big CEX is hit with an insider-access problem that vulnerates customers data through the costumer service of the exchange. It’s not even Kraken’s first rodeo with this sort of issue.

Back in January, Dark Web Informer reported that a read-only version of Kraken’s internal customer support system was being sold for a negotiable single dollar on a dark web forum.

Kraken cryptocurrency exchange panel access being sold on a dark web forum – read-only account with user profiles and transaction history.

Access details:

View only – user profiles and transaction history Generate support tickets to phish or extract more data No… pic.twitter.com/7LsxRNMkYa

— Dark Web Informer (@DarkWebInformer) January 1, 2026

Also in mid-2025, Kraken and Binance were hit by the same social‑engineering push that previously led to a successful customer data breach at Coinbase, where attackers zeroed in on support staff. The attackers allegedly approached customer service agents at the exchanges and offered bribes in return for access to user information. Our sister website Bitcoinist covered the story.

This past February, a crypto trader claimed an ex‑Revolut staffer tried to blackmail him, threatening to expose his personal data unless he paid. Revolut claimed the allegation was referred to law‑enforcement authorities.

This incident reinforces a key market theme: in the post‑ETF, higher‑regulation cycle, “counterparty risk” on centralized exchanges is shifting from pure asset custody to data security and insider controls.

While no immediate outflows or price shocks are visible, repeated data‑exposure headlines can push more flows toward exchanges with stronger transparency reports, on‑chain venues, or self‑custody solutions.

Cover image from Perplexity. BTCUSD chart from Tradingview.