Kraken’s chief security officer, Nick Percoco, said the exchange will not negotiate with a criminal group that tried to extort the company by threatening to publish videos purportedly showing client data. In a post on X, Percoco described an extortion demand for an unspecified sum and said the material in question were internal-system videos allegedly displaying user information.
Percoco emphasized that Kraken’s systems “were never breached” and that user funds were not at risk, framing the incidents as unauthorized access to data rather than a full-scale compromise. He wrote: “We will not pay these criminals. We will not ever negotiate with bad actors.”
According to Percoco, there were two occasions of “inappropriate access” — one in February 2025 and a more recent event — affecting roughly 2,000 user accounts. Kraken is cooperating with federal law enforcement, and the investigation could result in arrests.
The episode highlights the ongoing challenge of protecting personal data and assets as the crypto sector expands. Extortion attempts and data-targeted attacks have repeatedly targeted crypto firms and individual holders. For example, in May 2025 Coinbase reported cybercriminals attempting to extort $20 million by threatening to leak user data; that incident involved bribes paid to customer support contractors and affected about 70,000 users.
A broader industry snapshot from blockchain intelligence firm Nominis found more than $178 million lost across major crypto incidents in March 2026, up from $49.3 million in February. The report pointed to authorization abuse — where victims unknowingly approve transactions that give attackers direct access to funds — as a primary attack vector in multiple cases.