Kraken Takes Hard Line: No Ransom for Extortionists Threatening Client Data
Kraken's security leadership is drawing a firm line in the sand after criminals attempted to shake down the exchange with threats to release internal system footage containing client information. In a Monday post on X, Nick Percoco, Kraken's chief security officer, announced that the exchange woul
Kraken's security leadership is drawing a firm line in the sand after criminals attempted to shake down the exchange with threats to release internal system footage containing client information.
In a Monday post on X, Nick Percoco, Kraken's chief security officer, announced that the exchange would flatly refuse to pay an unnamed criminal group demanding an unspecified ransom. The threat centered on releasing "videos of our internal systems with client data shown," but Percoco made clear that capitulating wasn't an option.
"We will not pay these criminals," Percoco stated bluntly. "We will not ever negotiate with bad actors."
The Scope of the Incident
Here's what we know about the breach: Kraken's systems were never actually compromised, and user funds faced no direct risk from the extortion attempt. However, two separate incidents involving "inappropriate access" to client data occurred—one in February 2025 and another more recently. Collectively, these incidents affected approximately 2,000 user accounts.
The exchange is now working with federal law enforcement to pursue the criminal group, with potential arrests on the horizon.
Context: Extortion Is Becoming Par for the Course
This incident isn't isolated. The crypto industry is increasingly becoming a target for extortionists who view exchanges and their users as lucrative marks. Just months earlier, Coinbase faced nearly identical threats when cybercriminals demanded $20 million, leveraging compromised data from roughly 70,000 users. That breach stemmed from bribes paid to customer support contractors—a reminder that insider threats remain a vulnerability.
The broader picture is ugly. According to blockchain intelligence firm Nominis, more than $178 million was stolen across major crypto incidents in March 2026, a sharp jump from February's $49.3 million. Authorization abuse continues as the dominant attack vector, with victims repeatedly approving transactions that unknowingly granted hackers direct fund access.
Why This Matters for Crypto Market Intelligence
Kraken's hardline stance sends an important signal: major exchanges won't be bullied into payments that would only encourage future attacks. That's good for the ecosystem's long-term security posture. However, the sheer volume of incidents—from extortion attempts to authorization-based hacks—underscores a persistent weakness in crypto infrastructure that traders and portfolio managers need to monitor.
Alpha Take
Kraken's refusal to negotiate represents mature crisis management, but it also highlights an uncomfortable truth: extortion attempts are now routine in crypto. The $178M stolen in March versus $49.3M in February shows attackers are getting more sophisticated and aggressive. Traders should evaluate exchange security measures and incident response protocols when making custody decisions—reputational resilience during crises increasingly separates tier-one platforms from the rest.
Originally reported by
CoinTelegraph
Not financial advice. Crypto investing involves significant risk. Past performance does not guarantee future results. Always do your own research.