In a cyberattack incident, the claims agent responsible for bankruptcy cases involving Genesis Global Holdco, FTX, and BlockFi, revealed that it had fallen victim to a data breach. As a result, the personal data of hundreds of claimants may have been compromised.
Kroll, a business-services company, reported that hackers conducted a SIM-swapping attack on T-Mobile US, compromising a phone number associated with Kroll’s restructuring administration business. The attack occurred around August 19.
Kroll issued a notice to 717 Genesis claimants, informing them that the attackers accessed information stored in Kroll’s cloud-based systems. This information included names, physical and email addresses, and claim details. Genesis, the cryptocurrency lender, has not yet commented on the incident.
Kroll stated that it is collaborating with law enforcement and that its other systems remain unaffected. T-Mobile US has yet to respond to the incident.
Kroll Restructuring Administration serves as the claims agent for the bankruptcy case of Genesis, which filed for bankruptcy protection following the collapse of cryptocurrency exchange FTX. Interestingly, Kroll is also the claims agent for FTX. The latter sought chapter 11 protection after allegations arose about Alameda Research, a hedge fund founded by FTX co-founder Sam Bankman-Fried, illegally accessing funds from FTX accounts.
FTX announced via the social media platform X (formerly known as Twitter) that some claimants in their bankruptcy proceedings were also impacted. As a precautionary measure, FTX froze affected customer claim accounts.
BlockFi, another cryptocurrency lender involved in a bankruptcy case filed by FTX, also confirmed that their claimants were affected. Both BlockFi and FTX have not responded to requests for comment.
A spokesperson for Kroll referred to the company’s statement, which confirmed that claimants’ information had been accessed.
SIM-swapping attacks occur when hackers take control of a telephone number and transfer it to another device. This allows them to bypass security measures, such as two-factor authentication in some cases. In the case of Kroll, it provided hackers access to private systems. However, this type of attack can also target personal banking apps and other sensitive software. Hackers often achieve this by impersonating the account owner and requesting the number transfer from a telecoms operator.
To mitigate the risks associated with SIM swapping, companies can utilize applications like authenticators. These generate random passcodes and are less susceptible to compromise compared to text messages used for multifactor authentication, according to Georgia Weidman, a security architect at mobile-security company Zimperium.
Melissa Bischoping, Director of Endpoint Security Research at cybersecurity company Tanium, advises against using certain pieces of personal information, such as names, addresses, and dates of birth, as security challenges. Criminals already possess such information about a person they are trying to impersonate and can exploit it during low-security verification processes.
T-Mobile has previously experienced successful cyberattacks. In 2021, a breach resulted in the exposure of information belonging to around 54 million customers. To settle a subsequent class-action lawsuit, T-Mobile agreed to pay a $350 million settlement in July 2022.
Contact James Rundle at [email protected]
©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8
