Major risk and financial advisory firm Kroll has confirmed that certain files with personal data belonging to the bankruptcy credit claimants of BlockFi, FTX, and Genesis Global Holdco have been compromised following a successful SIM swapping attack against one of its employees, reports BleepingComputer.
Such an attack was targeted at an employee's T-Mobile account on Aug. 19, enabling the threat actor to evade multi-factor authentication and access the cloud-stored files with personal data but the incident has been immediately mitigated, according to Kroll, which also noted that it will promptly notify individuals affected by the incident.
"The security incident only impacted files pertaining to BlockFi, FTX, and Genesis. There is no evidence that the threat actor moved laterally or gained access to any other Kroll user accounts or systems," said a Kroll spokesperson.
Meanwhile, both BlockFi and FTX noted that only certain claimants had their non-sensitive data exposed in the incident. Phishing attacks impersonating FTX have already been reported following the intrusion.
