- FTX creditors allege Kroll’s 2023 breach exposed personal data, leading to phishing attacks and stalled reimbursement processes.
- The lawsuit demands systemic security changes, multi-channel alerts, and KYC-independent options for uploading tax documentation.
- Plaintiff Repko seeks compensation for crypto lost due to phishing, calling out Kroll’s insufficient post-breach communication and negligence.
FTX creditors have filed a class-action lawsuit against Kroll Restructuring Administration, citing severe negligence related to the platform’s August 2023 data breach. The suit, led by plaintiff Repko, comes just weeks before the upcoming $1.9 billion reimbursement round scheduled for September 30, 2025.
The complaint emphasizes the risks creditors faced after hackers accessed a Kroll employee’s mobile number. The breach allowed unauthorized access to Kroll’s cloud systems, revealing confidential information such as full names, email addresses, home addresses, and FTX account balances. Although no funds or passwords were stolen, the exposed data later fueled targeted phishing attacks.
Phishing scams follow a breach, resulting in losses
Several creditors received fraudulent emails impersonating official FTX representatives. These phishing attempts intensified after the breach. In one reported case, plaintiff Repko lost 1.9 ETH in July 2025 due to a scam traced back to exposed personal details. Community members, including user Sunil, shared screenshots showing that the phishing messages contained full legal names, raising concerns about the scope of data compromised.
The lawsuit accuses Kroll of failing to adequately inform affected users. Instead of using multiple channels, Kroll relied solely on email notifications, which many users claim were insufficient or missed entirely. Creditors argue that this approach increased their exposure to scams and limited their ability to respond effectively.
Systemic flaws and communication gaps identified
Beyond the breach, the legal complaint highlights systemic issues in Kroll’s claim-handling process. These include inconsistent Know-Your-Customer (KYC) verification status, which locked some users out of uploading required tax forms. Others reported being stuck between “Verified” and “Hold” statuses, preventing progress on reimbursement claims.
The class action calls for a multi-layered reform of Kroll’s systems. Requests include multi-channel communication alerts, manual document upload options not blocked by KYC, an independent security audit, and compensation for phishing-related losses. If approved by the court, eligible plaintiffs may receive monetary relief or actual damages.
