The post Kraken Security Breach: What CSO Nick Percoco Said About the Extortion Threat and Federal Investigation appeared first on Coinpedia Fintech News
Kraken’s Chief Security Officer went public with something most exchanges would bury. Nick Percoco shared a detailed X post explaining why Kraken is currently dealing with an extortion attempt, and what actually happened behind the scenes.
Percoco revealed that a criminal group was threatening to leak videos of Kraken’s internal systems to the media unless Kraken paid them.
“It’s important to start with the most important points: our systems were never breached; funds were never at risk; we will not pay these criminals; we will not ever negotiate with bad actors,” he explained.
Insider Scoop?
It started in February 2025. He said that Kraken got a tip about a video on a criminal forum showing someone accessing their internal support systems. They traced it to one of their own staff members and access was cut immediately. The investigation was done, and affected clients were notified.
Then it happened again. Total accounts potentially viewed across both incidents, around 2,000 clients, just 0.02% of Kraken’s user base. However, they clarified that no funds were touched. No core systems were breached.
Once the second incident was shut down, the criminals started threatening to release the footage publicly unless Kraken paid up.
Where Things Stand Now
According to Percoco, Kraken is working with federal law enforcement across multiple jurisdictions and says it has enough evidence to support arrests. The investigation is live and active. Kraken has also been helping the wider industry tackle insider recruitment schemes hitting crypto, gaming, and telecom companies alike.
“We are actively working with federal law enforcement across multiple jurisdictions to pursue all individuals involved and bring them to justice.”
If you were affected, Kraken says you have already been notified directly.
The exchange says this will not end here. More such instances will happen if security is not taken seriously. Recently, in a similar incident this month, Galaxy Digital also reported a minor cybersecurity incident in a development workspace, with no impact on client funds or data, reflecting how threats across the sector are becoming more complex and targeted.
