If you received a notification in August 2023 that your personal information was exposed in the Kroll data breach affecting FTX and BlockFi bankruptcy claimants, you are not alone. Thousands of cryptocurrency users found themselves in an unsettling position: their data had been compromised through no fault of their own, and the same bad actors who stole their data could now target them with sophisticated scams. Understanding how to protect yourself in the aftermath of a data breach is one of the most valuable skills any crypto user can develop.
The Basics
A data breach occurs when an unauthorized party gains access to information that was supposed to be kept private. In the crypto context, this typically means your name, email address, phone number, and details about your cryptocurrency holdings or claims. It does not necessarily mean your passwords were stolen or your wallets were directly compromised — but the information that was leaked can be used to trick you into giving up your security credentials.
Attackers use leaked data to craft highly targeted phishing emails and phone calls. They know your name, they know you have cryptocurrency assets, and they know which platform you used. This makes their scams far more convincing than generic phishing attempts. A fraudulent email that references your specific FTX claim number, for example, is much more likely to fool you than a random message asking you to verify your account.
Why It Matters
Cryptocurrency transactions are irreversible. Unlike a bank account where you can dispute a fraudulent charge and often recover your money, a crypto transfer that is authorized by your private key cannot be undone. This means that a single successful phishing attack — one convincing email, one intercepted SMS code — can result in the permanent loss of your assets.
In August 2023, Bitcoin was trading around $27,300 and Ethereum around $1,705. For many users affected by the FTX and BlockFi collapses, the funds tied up in bankruptcy proceedings represent a significant portion of their net worth. Losing those funds to a post-breach scam would be devastating, which is why taking immediate protective action is essential.
Getting Started Guide
Step 1: Secure your authentication methods. If you are still using SMS-based two-factor authentication for any cryptocurrency-related account, switch to an authenticator app immediately. Google Authenticator, Authy, and Microsoft Authenticator all generate time-based codes that cannot be intercepted through a SIM-swap attack — the same technique that enabled the Kroll breach in the first place.
Step 2: Enable withdrawal allowlisting. Many cryptocurrency platforms offer a feature that restricts withdrawals to pre-approved wallet addresses. When enabled, any attempt to add a new withdrawal address triggers a mandatory waiting period — typically seven days — during which you can cancel the request if you did not initiate it. BlockFi specifically recommended this feature to its users after the Kroll breach.
Step 3: Verify every communication independently. If you receive an email about your FTX or BlockFi claim, do not click any links in the email. Instead, open your browser, manually navigate to the official claims portal, and check for any legitimate notifications there. Scammers will create convincing fake websites that capture your login credentials the moment you enter them.
Step 4: Update your passwords. Even though Kroll did not store account passwords, it is good practice to change your passwords on all crypto-related platforms after any data breach. Use a unique, strong password for each platform and store them in a reputable password manager rather than writing them down or reusing passwords across sites.
Step 5: Monitor your accounts regularly. Check your email for login alerts you did not initiate, review your crypto exchange accounts for unauthorized activity, and monitor your credit reports for signs that your personal information is being used to open fraudulent accounts.
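The waiting period described in Step 2, modeled as an added example (not code from this article or from any exchange). The class, function and address names are hypothetical, the timestamp is constructed, and the seven-day hold is the typical figure quoted above.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

HOLD = timedelta(days=7)  # the article's "typically seven days"; platforms vary


@dataclass
class WithdrawalAllowlist:
    """Hypothetical model of one account's withdrawal address allowlist."""
    approved: set = field(default_factory=set)
    pending: dict = field(default_factory=dict)  # address -> time it becomes usable

    def request_add(self, address, now):
        """Queue a new address; it cannot be used until the hold expires."""
        if address not in self.approved:
            # A repeated request must not shorten or restart the clock.
            self.pending.setdefault(address, now + HOLD)
        return self.pending.get(address)

    def cancel(self, address):
        """Owner rejects a request they did not make. True if one was pending."""
        return self.pending.pop(address, None) is not None

    def can_withdraw(self, address, now):
        """Allow only approved addresses, promoting any whose hold has elapsed."""
        ready_at = self.pending.get(address)
        if ready_at is not None and now >= ready_at:
            del self.pending[address]
            self.approved.add(address)
        return address in self.approved


def simulate_takeover():
    """Constructed scenario: a phished login is used to add a new address."""
    t0 = datetime(2023, 8, 25, 12, 0, tzinfo=timezone.utc)  # constructed timestamp
    acct = WithdrawalAllowlist(approved={"addr-owner-cold-wallet"})
    acct.request_add("addr-unknown", t0)  # request the owner did not make
    during_hold = acct.can_withdraw("addr-unknown", t0 + timedelta(hours=1))
    cancelled = acct.cancel("addr-unknown")  # owner acted on the alert
    after_hold = acct.can_withdraw("addr-unknown", t0 + HOLD + timedelta(days=1))
    owner_ok = acct.can_withdraw("addr-owner-cold-wallet", t0)
    return during_hold, cancelled, after_hold, owner_ok
```

The hold only helps if the owner sees the new-address alert and cancels in time, which is why Step 5's monitoring matters alongside Step 2.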
Common Pitfalls
The most dangerous pitfall is complacency. Many users assume that because the breach was classified as involving “non-sensitive” data, there is nothing to worry about. In reality, the combination of a known name, email, and affiliation with a cryptocurrency platform is exactly the information that makes targeted phishing attacks effective.
Another common mistake is relying solely on the breached company’s advice. While FTX and BlockFi provided useful guidance, their primary interest is in managing legal liability. Your security is ultimately your responsibility, and you should take additional measures beyond what any company recommends.
Finally, do not share details about your claim or your crypto holdings on social media or public forums. Attackers actively scan these platforms for information they can use to personalize their scams.
Next Steps
Once you have completed the immediate protective measures, consider investing in a hardware wallet for long-term storage of your cryptocurrency assets. Hardware wallets store your private keys on a physical device that never connects to the internet, making them immune to phishing attacks, malware, and remote compromise. Popular options include Ledger and Trezor, both of which support hundreds of different cryptocurrencies.
If the recovered funds from the FTX or BlockFi bankruptcy proceedings represent a significant amount, consult a financial advisor who understands cryptocurrency to develop a plan for securing and diversifying those assets. The bankruptcy process is complex, and the last thing you want is to recover your funds only to lose them to a preventable security breach.
Disclaimer: This article is for educational purposes only and does not constitute financial or legal advice. Always consult qualified professionals for guidance specific to your situation.
got the kroll breach notification and within 48 hours received a fake “ftx claims portal” email. the speed was terrifying
48 hours is fast but some breach data gets weaponized within hours. if your phone number leaked you can expect SIM swap attempts almost immediately
can confirm. got SIM swapped 6 hours after my phone number appeared in a breach dump. ported my number to a new carrier and drained my exchange within an hour. use a hardware 2fa key people
6 hours is slow. my number was ported within 90 minutes of a breach notification. carrier security is a joke, they'll hand over your line to anyone who knows your name and address
the guide about not reusing passwords across exchanges should be entry level knowledge but you would be surprised how many people do it
Sven Lindqvist, password reuse is still the #1 problem in every audit I do. people treat their exchange login like it's instagram
the fake FTX claims portal emails were next level social engineering. they knew exactly who was owed money, how much, and used official branding. hard to blame victims for falling for it
the Kroll breach was especially nasty because claimants were already vulnerable from the FTX collapse. double victimization
double victimization is exactly right. you lose funds on FTX, then your personal data gets leaked and scammers target you again. the crypto industry has a duty of care problem here
duty of care is the right framing. FTX claimants had their data leaked by Kroll, not by their own mistake. Kroll should be liable for every phishing attack using that data