Fintech giant Revolut has reported a former employee to law enforcement following allegations the individual attempted to extort a cryptocurrency trader by threatening to leak their Know Your Customer (KYC) data. The incident, which came to light through public posts by a trader known as TraderSZ on X, involves threats to publish the trader's identity and private details and to contact family members to pressure payment of a ransom.
Revolut has stated its internal security systems and data protection protocols were not breached, attributing the incident to the "unlawful and criminal actions" of a former staff member. The company confirmed it is in communication with the affected customer and that an investigation is underway. A spokesperson emphasized, "Following a review of the incident, we have confirmed that Revolut’s security systems and data protection protocols operated as intended and there was no procedural breach."
The case highlights the growing risk of insider threats within fintech platforms, particularly those servicing crypto users. While no systemic breach occurred, the allegation raises questions about access controls and monitoring for individuals with prior system access. The potential regulatory oversight could involve the UK's Information Commissioner's Office (ICO) on data protection and the Financial Conduct Authority (FCA) on conduct expectations, though no formal notifications have been confirmed.
This incident occurs against a backdrop of increasing threats targeting cryptocurrency holders. Data from cybersecurity firm CertiK shows a 75% rise in so-called "wrench attacks"—physical assaults aimed at coercing crypto transfers—in 2025, with 72 verified cases globally. French authorities have also recently made multiple arrests in connection with kidnapping and ransom plots targeting crypto entrepreneurs.
Revolut, valued at $75 billion as of November 2025 and serving over 65 million users, faces potential reputational and regulatory scrutiny despite its assertion of no system compromise.
