Kris Marszalek, chief executive of Crypto.com, has vehemently denied allegations regarding the company’s failure to disclose a security incident in 2023, labeling the claims as misinformation stemming from poorly informed sources. This statement follows a Bloomberg report that suggested the exchange had quietly suffered a cyberattack orchestrated by a group called Scattered Spider, known for manipulating employees into giving up access credentials.
The Bloomberg investigation detailed how members of Scattered Spider impersonated Crypto.com’s internal IT staff to convince employees to disclose their login information. The report claimed the attackers sought to escalate their access by targeting senior accounts within the organization. This situation raised significant concerns among security experts regarding the transparency practices of Crypto.com, one of the largest cryptocurrency exchanges globally.
In response to the Bloomberg report, Marszalek took to social media on September 22, asserting that any insinuation of inadequate incident reporting was “completely unfounded.” He emphasized the company’s regulatory obligations, stating, “We are a regulated business and are required to report all incidents to our respective regulators, which is exactly what we did.” He accused Bloomberg of deliberately omitting this critical detail to fit a particular narrative.
Marszalek elaborated that the security incident stemmed from a phishing campaign aimed at a single employee and that the threat was neutralized within a few hours. He assured stakeholders that no customer funds were compromised, and that only a limited amount of personally identifiable information from select users was affected. He also highlighted Crypto.com’s commitment to security by stating, “Our systems are battle tested and continuously improving—we’re proud of our security-first culture and having the most security certifications of any company in our industry.”
Adding another layer to the exchange’s challenges, the controversy comes at a time of heightened volatility in the cryptocurrency market. The price of Crypto.com’s Cronos token saw a significant decline of 10% within a 24-hour period, dropping to $0.20. This downturn reflects a broader trend impacting the cryptocurrency market, where major digital assets like Bitcoin and Ethereum have also experienced substantial price drops, leading to approximately $1.7 billion in liquidations across various exchanges.
As Crypto.com navigates this turbulent landscape, the developments surrounding the alleged security incident and the market volatility could have lasting implications for the exchange and its standing among cryptocurrency platforms.
