Crypto.com CEO Denies Security Breach Cover-Up
Kris Marszalek, CEO of Crypto.com, addressed rumors about a past security breach. He called claims that the exchange failed to disclose the incident “entirely baseless.”
Crypto investigator ZachXBT recently said Bloomberg reported a 2023 breach at Crypto.com. He claimed the breach exposed users’ personal information and was not disclosed to customers.
Marszalek responded on X, explaining that in 2023, Crypto.com detected a phishing attack targeting an employee. The incident was reported through the NMLS Notice of Data Security and to relevant regulators.
He added the breach was contained within hours. No customer funds were at risk, and only a small number of users had partial personal information affected.
Scattered Spider Hack and Industry Criticism
On September 19, 2025, Bloomberg reported that Noah Urban from the hacking group Scattered Spider admitted to phishing a Crypto.com employee’s account before early 2023. This gave the hackers access to some users’ personal data.
The report noted criticism from crypto experts who said Crypto.com should have been more transparent. Concerns about data leaks grew after Coinbase suffered a major customer data breach earlier in 2025. Roelof Botha, a Sequoia Capital executive, was among those affected.
Marszalek emphasized that Crypto.com continuously improves its security. He said the exchange holds more industry certifications than any other platform.
Exchange’s Commitment to Security
- Phishing incident detected and reported in 2023
- Incident contained within hours
- No customer funds compromised
- Minimal user personal information affected
- Strong security systems and multiple industry certifications
