Kraken crypto exchange resists extortion attempts

Criminals keep failing to extort major cryptoasset companies, with the latest example coming from the Kraken exchange.

Nick Percoco, chief security officer (CSO) of the exchange, said on April 13th that the company is being extorted by criminals threatening to leak client data.

Percoco ensured the company wouldn't negotiate or pay ransom and emphasized that the company's systems were never breached and funds were never at risk.

However, the CSO admitted that since February 2025, "two instances of inappropriate access to limited client support data" were identified and shut down.

During both similar incidents, data of around 2,000 of their clients, or 0.02% of all clients, was affected. The first one involved a support team member; meanwhile, this year, Kraken again had to terminate access to its systems for unspecified suspects after receiving a tip, along with a new video with client data.

"Shortly after access was terminated, we began receiving extortion demands. The criminals threatened to distribute materials from both the February 2025 incident and the recent incident to media outlets and on social media if we did not comply," Percoco said, adding that the company believes it has sufficient evidence to identify and arrest the suspects.

The CSO also shared that, since the first incident more than a year ago, they've been collaborating with industry partners and law enforcement to investigate and disrupt insider recruitment efforts targeting not only crypto companies, but also gaming and telecommunications organizations.

As reported by Cybernews, Kraken caught a North Korean hacker during a job interview.

Meanwhile, it's not the first time a major crypto company refuses to play by the rules of extortion groups. In May 2025, criminals attempted to extort the Coinbase exchange for $20 million, threatening to leak customer data.

The company said no and established a $20 million reward fund for those who'd help catch the criminals. Later that year, suspects were arrested. Previously, other cryptoasset companies such as Binance, Ledger, and Bitfinex also refused to pay ransom.

In their latest ransomware report, blockchain analysis company Chainalysis concluded that, in 2025, ransomware payments stagnated for the second consecutive year, despite attacks escalating, and the median payment increased 368% to $59,556 in 2025.

According to the analysts, besides other reasons, improved incident response and increased regulatory scrutiny have also helped reduce payout frequency.