Kraken says it is facing an extortion attempt after a criminal group threatened to release videos that allegedly show internal systems containing client data. In a Monday security update on X, chief security and information officer Nick Percoco said Kraken's systems were never breached, client funds were never at risk, and the company will not negotiate with the attackers.

What Kraken disclosed

According to Kraken, the issue came from two separate insider-related incidents involving members of its support team rather than an external intrusion into wallets or trading infrastructure. The exchange said it identified the individuals involved, cut off their access, and notified affected users. CoinDesk reported that about 2,000 client accounts were potentially viewed across the two incidents.

Why it matters

The conservative read is that this was a contained data-access incident, not a platform-wide security failure. Still, it highlights a different threat model for crypto companies: insider recruitment and abuse of employee permissions, rather than only smart contract bugs or hot-wallet attacks. Kraken said it is working with law enforcement and industry partners, and that it believes the people behind the campaign can be identified. For exchanges that already market security as a core differentiator, even limited insider exposure is a reminder that human access controls can be just as important as technical defenses.