Major cryptocurrency exchange Kraken is currently the target of an active extortion plot by a criminal organization threatening to leak internal company videos containing sensitive client data.
The company has clarified that its core infrastructure was never breached and customer funds remain entirely secure. Moreover, it has refused to yield to any ransom demands.
The culprit
According to Nick Percoco, Kraken's chief security officer, the extortion attempt stems from two isolated incidents of rogue employees abusing their access privileges.
Back in February 2025, Kraken received a tip from a trusted source about a video circulating on a criminal forum. The footage appeared to show that the user had access to the exchange's internal client support systems.
Kraken ended up identifying the culprit as a member of its own support team. The access of the rogue employee was instantly revoked.
More recently, the company received a second tip accompanied by a similar video. Once again, Kraken quickly identified the compromised employee and terminated their access.
Just 0.02%
Across both the February 2025 and recent incidents, the rogue support agents only potentially viewed a very small fraction of the user base.
Kraken estimates that approximately 2,000 client accounts were affected, which accounts for just 0.02% of the exchange's total clientele.
The company noted that any users potentially impacted by these unauthorized views have already been directly notified.
No negotiations
Shortly after Kraken shut down the second rogue employee's access, the criminal group initiated their extortion campaign. The bad actors threatened to distribute the internal footage from both incidents to media outlets and social media platforms if the exchange did not comply with their financial demands.
However, Kraken is refusing to play along. "We will not pay these criminals," the Chief Security Officer stated. "We will not ever negotiate with bad actors."
Dan Burgin
U.Today Editorial Team
