Crypto.com reveals user data was hacked but "deliberately concealed", official response: no factual basis
Cryptocurrency exchange Crypto.com was exposed by Bloomberg: Crypto.com had previously been attacked by the hacker group Scattered Spider, but Crypto.com was suspected of deliberately concealing the attack, causing the community to question Crypto.com's transparency.
(Preliminary news: Trump Truth Social integrates CRO tokens: "Truth Gemstones" can be directly exchanged for $CRO, and the currency price jumps accordingly)
(Background supplement: News Flash> Trump Media cooperates with Crypto.com to establish a CRO treasury company! Plans to reserve $6.42 billion. $CRO currency price soars 33%)
According to "Bloomberg" reports, the hacker organization Scattered Spider member Noah Urban revealed that the group invaded the cryptocurrency exchange Crypto.com through a phishing attack in early 2023, resulting in the leakage of some users' personal information. However, this incident has never been publicly disclosed before and is suspected to have been deliberately concealed by Crypto.com, raising questions about Crypto.comās transparency.
Scattered Spider attacked Crypto.com
Reports pointed out that Scattered Spider is a hacker group with teenagers at its core, and 18-year-old Florida youth Noah Urban is its key figure. The group is known for its social engineering techniques and is good at impersonating IT security personnel to trick targets into revealing sensitive information. In early 2023, Scattered Spider used a phishing attack to successfully access the account of a Crypto.com employee, thereby leaking the personally identifiable information (PII) of a small number of users. The attack was carried out after the group successfully penetrated the messaging platform Twilio and used customer verification codes and access credentials obtained from 209 companies to further target Crypto.com employees.
The report continued that Scattered Spiderās criminal methods have evolved from early SIM card swapping to complex penetration operations targeting large enterprises. Noah Urban has been learning SIM swapping in the Minecraft gaming community since he was 15, and easily tricked telecom company employees with his deep voice and social engineering talents. With schools closed during the COVID-19 pandemic, Urban expanded his criminal network. He has personally used cryptocurrency proceeds to purchase luxury goods, including a $35,000 diamond-encrusted Rolex and an $80,000 Minecraft username.
Crypto.com official response
In response to the Bloomberg report, a Crypto.com spokesperson responded that Crypto.com had detected a phishing attack against an employee in 2023 and controlled the incident within hours. The incident only affected the personal information of "a very small number of individuals" and customer funds were not affected and were never at risk.
The spokesperson further pointed out that Crypto.com has submitted a "Data Security Incident Notification Filing" to the U.S. National Multi-State Licensing System (NMLS) and reported it to regulatory agencies in relevant jurisdictions, denying the claim of concealing the incident.
In addition, Crypto.com CEO Kris Marszalek also responded on the X platform, calling the accusations of undisclosed security incidents "completely baseless" and accusing "misleading information from unknown sources being spread." He reiterated that Crypto.com has reported the incident to the United States and relevant regulatory agencies in accordance with the law.
I want to directly and clearly address some misinformation spreading from uninformed sourcesā¦
Any suggestion that we did not report or disclose a security incident is completely unfounded ā as we reported in a NMLS Notice of Data Security incident filing and in additionalā¦ā Kris | Crypto.com (@kris) September 22, 2025
However, Crypto.com has not yet made it clear whether it has notified affected users and whether it has disclosed the filing content with regulatory agencies, so it has not yet dispelled external concerns. Blockchain security team ZachXBT also publicly criticized Crypto.com on the X platform after the Bloomberg report, saying that it "covered up leaks that affected users' personal information" and said that the exchange "has been hacked multiple times."
It is worth noting that this incident comes at a time when Crypto.com is actively expanding. The exchange had earlier reached a $6.42 billion digital asset treasury cooperation with Trump Media Technology Group, and Trumpās social platform Truth Social also integrated CRO tokens. In addition, Crypto.com is currently rumored to be planning to enter the sports betting and political event prediction markets. However, the undisclosed data breach casts a pall on Crypto.comās reputation, especially amid recent high-profile user data leaks at major exchanges such as Coinbase.
