Kroll, the financial advisory firm managing claims for bankrupt crypto exchange FTX, is facing a class-action lawsuit filed by creditors who allege that a 2023 data breach exposed sensitive personal information and led to a wave of phishing attacks. The suit, filed on August 20, 2025, by Hall Attorneys in a U.S. district court, claims that Kroll's reliance on email-only communication for claims verification created a single point of failure, compromising the process and causing delays, lockouts, and in some cases, loss of funds.
The breach, which occurred in August 2023, allowed unauthorized access to creditor data, including names, addresses, email contacts, and FTX account balances. Despite knowing the risks, Kroll continued to send critical notices solely via email, leaving claimants vulnerable. Prominent FTX creditor Sunil Kavuri reported receiving daily phishing emails addressed to him by name, with screenshots showing scams arriving as recently as August 2024.
This is not Kroll's first security incident; the firm suffered another breach in March 2024 that exposed client invoicing and accounts payable data. The lawsuit seeks monetary relief for losses related to phishing attacks and delayed claims, potentially up to $750 or actual damages for eligible class members, depending on residency. It also demands operational reforms, including multi-channel communications, stricter security controls, and independent audits.
The suit coincides with FTX's ongoing creditor repayments, with a third round of nearly $2 billion set to begin on September 30, 2025. Previous rounds distributed over $6.2 billion, but the collapse of FTX in November 2022, led by ex-CEO Sam Bankman-Fried, erased billions in investor value and raised profound doubts about risk management in the crypto industry.