\t\t\t\t\t\t\t\tKey Takeaways
\nWere Crypto.com customer funds affected?<\/p>\n
No, Crypto.com confirmed that no customer funds were accessed or at risk. Only a very small number of users\u2019 partial personal information was affected.<\/p>\n
Did Crypto.com disclose the breach publicly?<\/p>\n
No, the company did not publicly notify the impacted users, which drew criticism from blockchain investigator ZachXBT.<\/p>\n
Crypto.com reportedly suffered a previously undisclosed data breach linked to the Scattered Spider hacking group, raising concerns over its security posture.<\/p>\n
Details of the attack<\/strong><\/p>\n According<\/a> to a Bloomberg investigation, the attack involved teenage hackers, including 18-year-old Noah Urban from Florida, who specialized in phishing employees at telecom, tech, and cryptocurrency firms. <\/p>\n Urban and his collaborators accessed sensitive user information. The group previously targeted MGM Resorts and other corporations.<\/p>\n Crypto.com acknowledged that the breach impacted \u201ca very small number of individuals\u201d but emphasized that no customer funds were compromised.<\/p>\n Crypto.com\u2019s response<\/strong><\/p>\n Despite this, the company did not notify the affected users publicly.<\/p>\n Remarking on the same, Crypto.com CEO, Kris Marszalek, noted<\/a>,\u00a0<\/p>\n \u201cAny suggestion that we did not report or disclose a security incident is completely unfounded \u2013 as we reported in a NMLS Notice of Data Security incident filing and in additional reports with the relevant jurisdictional regulators, we detected a phishing campaign that targeted one of our employees in 2023.\u201d<\/p>\n<\/blockquote>\n Marszalek stated that the incident was contained within hours, with no customer funds ever at risk, and only a very limited number of users\u2019 partial personal information was affected. <\/p>\n He even emphasized the company\u2019s \u201csecurity-first\u201d culture.<\/p>\n What does ZachXBT have to say about this breach?<\/strong><\/p>\n However, blockchain investigator ZachXBT took<\/a> to X to call out Crypto.com for not disclosing the data breach. He said,<\/p>\n \u201cYour team covered up a breach that impacted the personal information of your users.\u201d<\/p>\n<\/blockquote>\n He added<\/a>,\u00a0<\/p>\n \u201cThey\u2019ve been breached several times.\u201d<\/p>\n<\/blockquote>\n That being said, the Crypto.com breach was part of a larger criminal campaign orchestrated by the Scattered Spider group, which had evolved from simple SIM-swapping to sophisticated corporate infiltration.<\/p>\n Florida native Noah Urban, then a teenager, acted as a \u201ccaller\u201d inside the group, persuading employees to hand over credentials that unlocked internal systems.<\/p>\n Broader criminal campaign<\/strong><\/p>\n The attack happened before March 2023. Urban was arrested nine months later, in January 2024, and charged with hacking 13 companies.<\/p>\n Authorities said the group also misused United Parcel Service data.<\/p>\n Following indictments of Urban and four accomplices, he pled guilty to wire fraud and aggravated identity theft.<\/p>\n It resulted in the seizure of $4.8 million in crypto, $13 million in restitution, and a 10-year prison sentence with additional supervised release.<\/p>\n All these disclosures coincided with CEO Marszalek\u2019s predictions<\/a> of a strong fourth-quarter performance and a partnership<\/a> with Yorkville Acquisition Corp. and Trump Media to form Trump Media Group CRO Strategy, Inc., a digital asset treasury focused on acquiring Cronos (CRO). <\/p>\n \t\t\t\t\t\t\t\t\t\t\tPrevious: Dogecoin: Why this cycle can have DOGE\u2019s most sustainable rally yet<\/a>\t\t\t\t\t\t\t\t\t\t<\/p>\n\n
\n
\n