Daily Scam Emails Trigger Class-Action Suit Against Kroll in FTX Bankruptcy Fallout

TLDR:

• Kroll is facing a class-action after FTX creditors reported scam emails linked to its 2023 data breach.
• The lawsuit alleges daily phishing attempts began once attackers accessed claimant details from Kroll systems.
• Compromised data included names, addresses, emails, and account balances of FTX creditors, according to the notice.
• Kroll said it acted quickly to contain the breach but creditors argue losses from scams escalated afterwards.

FTX creditors are taking legal action against Kroll, the claims agent in the collapsed exchange’s bankruptcy, following last year’s security breach. 

The suit alleges that stolen data exposed claimants to waves of phishing attempts that still continue today. Creditors say scam emails began appearing almost daily, leaving them vulnerable to further losses. The dispute ties back to the cyber incident in August 2023, when attackers compromised a Kroll employee’s mobile line. 

Creditors now argue the company failed to adequately protect sensitive records tied to the bankruptcy case.

Data Breach and Fallout in the FTX Bankruptcy

According to a notice sent from Kroll’s official address, the company acknowledged an incident on August 19, 2023. 

Attackers reportedly took control of a staff member’s phone number, gaining entry to files in Kroll’s cloud storage. Those files contained names, home addresses, email contacts, and creditor account balances from the failed exchange. 

While Kroll stressed no passwords or FTX digital assets were exposed, the compromised data provided material for targeted scams.

The email warning explained that malicious actors could send phishing messages pretending to be linked to the FTX case. Creditors were urged to avoid sharing private keys, seed phrases, or passwords through unverified channels. 

The notice clarified that neither the Delaware Bankruptcy Court nor Kroll would ever request such details by email. Still, creditors claim these safeguards did not stop the flood of scam communications that followed. 

Court records confirm Kroll has informed both law enforcement and the debtors about the incident. The lawsuit now centers on whether Kroll bears responsibility for losses tied to the ongoing scams.

Scam Emails and Class-Action Allegations

Creditors involved in the suit argue phishing attempts became a daily threat after the breach. Many say fraudulent messages mimicked official bankruptcy updates, tricking claimants into clicking links or exposing sensitive accounts. 

Some allege personal losses from connecting wallets or providing data in response to convincing but fake requests.

The class-action filing claims Kroll failed to uphold its duty of care in safeguarding information from the breach. 

Creditors also argue the company did not provide adequate protections or remedies after attackers obtained the stolen records. In response, Kroll stated it had contained the breach, launched an internal investigation, and worked with authorities. 

But creditors insist those measures were too late to prevent the cascade of scams that followed.

The dispute now sits before the Delaware Bankruptcy Court, which continues to oversee the broader FTX collapse. With billions in customer assets still tied up in recovery, claimants see the Kroll breach as an added layer of damage. 

The case adds yet another complication to a bankruptcy already marked by chaos, fraud, and loss of trust.

The post Daily Scam Emails Trigger Class-Action Suit Against Kroll in FTX Bankruptcy Fallout appeared first on Blockonomi.