Crypto exchange Crypto.com has refuted claims that it concealed a 2023 data leak involving user information from authorities.
Bloomberg reported on Friday that Noah Urban, a member of the hacking group Scattered Spider, stated the group phished their way into a Crypto.com employee’s account before early 2023, exposing personal data of some users.
Blockchain investigator ZachXBT subsequently asserted on X that Crypto.com “covered up a breach that impacted the personal information of your users,” noting that Crypto.com had been “breached several times.”
The Bloomberg report prompted some crypto experts to criticize Crypto.com, suggesting it should have been more transparent given the heightened concerns over user data leaks after major exchange Coinbase was compromised this year.
However, a Crypto.com spokesperson informed Cointelegraph that the company filed a “Notice of Data Security incident” with the US-based Nationwide Multistate Licensing System and “additional reports with the relevant jurisdictional regulators.”
Crypto.com asserts hack impact was “limited”
The spokesperson noted that the company “detected a phishing campaign targeting one of our employees in 2023.”
The incident “involved exposure of limited PII [Personally Identifiable Information] data affecting a very small number of individuals,” they added. “The incident was contained within hours of detection, and no customer funds were accessed or ever at risk.”
It remains unclear whether Crypto.com notified those affected by the breach or if its incident filings were made publicly available. Crypto.com did not promptly respond to additional inquiries.
Related: CZ sounds alarm as ‘SEAL’ team uncovers 60 fake IT workers linked to North Korea
Exchange CEO claims “misinformation”
Crypto.com CEO Kris Marszalek made a similar post on X on Sunday, stating that “misinformation was spreading from uninformed sources.”
“Any suggestion that we did not report or disclose a security incident is entirely unfounded,” he stated, adding that the company reported the breach in the US and to “relevant jurisdictional regulators.”
Earlier this month, Trump Media & Technology Group, the parent of US President Donald Trump’s Truth Social platform, finalized a deal with Crypto.com to establish a Cronos (CRO) treasury.
This arrangement marked a further strengthening of ties between the crypto sector and the Trump administration.
AI Eye: ‘Accidental jailbreaks’ and ChatGPT’s links to murder, suicide
