An intricate and alarming situation, including insider misuse, limited client information exposure, and an ongoing extortion attempt, is revealed by Kraken's most recent security disclosure. Chief Security Officer Nick Percoco claims that videos of internal systems with client data visible are being blackmailed by a criminal organisation.

The incident reveals a deeper vulnerability; insider access is being exploited to create operational and reputational pressure, despite Kraken's adamant claims that its systems were never compromised and its finances were never in jeopardy.

• Two Insider Incidents Behind the Threat
• Scope of Data Exposure & Client Impact
• Extortion Demands & Kraken's Firm Stance
• Law Enforcement Data & Ongoing Investigation

Two Insider Incidents Behind the Threat

According to Kraken's update, the issue is not caused by an external attack, but rather by two distinct instances of improper internal access. The first incident happened in February 2025 after a reliable source informed the organisation about a film that was making the rounds on a criminal website. Access to Kraken's customer support services was purportedly demonstrated in the video.

The source was promptly determined to be a member of Kraken's support staff. A thorough internal inquiry was conducted after their access was promptly terminated. Additionally, Kraken put in place extra security measures and informed the few impacted clients personally.

A similar pattern was seen in a second, more recent occurrence. A fresh video demonstrating similar activities also appeared, along with another tip. Once more, Kraken found the culprit, immediately blocked their access, carried out a thorough investigation, and informed the affected users.

Scope of Data Exposure & Client Impact

Kraken claims that there was minimal exposure in both cases. Just 0.02% of its total user base, or about 2,000 client accounts, may have been investigated. Crucially, the company stresses that this access was limited to client assistance information, not financial systems.

Kraken made it clear time and time again that its fundamental infrastructure was safe. There was no evidence of unapproved transactions, no compromise of cash, and no breach of trading systems. This distinction is crucial because it distinguishes systemic failure from operational misuse.

Kraken also verified that all clients who might be impacted have already received notification. This implies a confined reaction, meaning that the larger user base is not impacted by any ongoing unknown exposure.

Kraken Security Update

We are currently being extorted by a criminal group threatening to release videos of our internal systems with client data shown if we do not comply with their demands. It’s important to start with the most important points: our systems were never…— Nick Percoco (@c7five) April 13, 2026