Fri, Aug 25, 2023
We were recently informed that on Saturday, August 19, 2023, a cyber threat actor targeted a T-Mobile US., Inc. account belonging to a Kroll employee in a highly sophisticated “SIM swapping” attack. Specifically, T-Mobile, without any authority from or contact with Kroll or its employee, transferred that employee’s phone number to the threat actor's phone at their request. As a result, it appears the threat actor gained access to certain files containing personal information of bankruptcy claimants in the matters of BlockFi, FTX and Genesis. Immediate actions were taken to secure the three affected accounts. Affected individuals have been notified by email.
We are cooperating with the FBI and a full investigation is underway. We have no evidence to suggest other Kroll systems or accounts were impacted.
Please be advised that Kroll Restructuring Administration will never ask or require you to do any of the following in connection with the processing of bankruptcy claims or the distribution of assets:
Across our firm, we continue to prioritize data security and information protection. We deeply regret any inconvenience or concern this situation may have caused and we will continue to prioritize the safety and trust of our clients, partners and community.