Security News > 2023 > August > Kroll SIM-swap attack: FTX, BlockFi and Genesis clients’ info exposed
Financial and risk advisory firm Kroll has suffered a SIM-swapping attack that allowed a threat actor to access files containing personal information of clients of bankrupt cryptocurrency platforms FTX, BlockFi and Genesis.
On Saturday, August 19, 2023, an attacker targeted a Kroll employee's T-Mobile US account "In a highly sophisticated SIM swapping attack".
"Specifically, T-Mobile, without any authority from or contact with Kroll or its employee, transferred that employee's phone number to the threat actor's phone at their request. As a result, it appears the threat actor gained access to certain files containing personal information of bankruptcy claimants in the matters of BlockFi, FTX and Genesis," the company noted.
Kroll notified affected individuals by email, sharing more information about the potentially compromised info - in FTX's case: the clients' name, address, email address, and the balance of their FTX account; in Genesis' case, the claimants' name, address, email address, and their claims against the Genesis debtors.
Several FTX account holders have received targeted phishing emails in the wake of this attack.
Kroll has warned affected FTX, BlockFi and Genesis clients not to share passwords, seed phrases, private keys, and other secret information with suspicious individuals, apps, websites or devices, and to only seek information about the bankrupcy cases on the legitimate website.
News URL
https://www.helpnetsecurity.com/2023/08/28/kroll-sim-swapping-attack/