Business and legal services provider Kroll said it’s cooperating with federal law enforcement after a hacker gained access to files that may have contained personal information for customers of bankrupt crypto platforms FTX, BlockFi Inc. and Genesis Global Holdco, Bloomberg News reported. Kroll said on Friday that it appears the attack occurred on or about August 19 and that the company is cooperating with the Federal Bureau of Investigation. Kroll took immediate action to secure the three affected accounts and “a full investigation is underway,” the company said in a statement. The hacker appears to have accessed files on Kroll’s cloud system that may have contained customer names, addresses, emails and other information on claims creditors have with the three crypto firms, the company said. An attacker used a so-called “SIM swap” attack to gain access to a Kroll employee’s T-Mobile mobile phone number, Kroll said. Generally, such scams involves someone taking over a target’s phone number by getting a phone service provider to transfers numbers to phones the attacker controls. Kroll and a handful of other private companies provide administrative services to companies in chapter 11. Kroll said that it has no evidence to suggest its other systems were impacted in the hack and warned customers of Genesis, FTX and BlockFi about potential phishing scams that could seek unauthorized access to their crypto wallets.
