TLDR
- Bloomberg reports a teenage hacker gained access to a Crypto.com employee account.
- Breach exposed personal data of a "very small number" of users, no funds stolen.
- Attack linked to cybercrime group Scattered Spider, targeted 13 companies.
- ZachXBT criticized Crypto.com for failing to disclose the breach publicly.
Crypto.com, one of the world's largest crypto exchanges, was quietly breached by a teenage hacker before March 2023 - and only now is the incident being publicly reported.
According to a Bloomberg Businessweek investigation, the hacker, Noah Urban, was part of Scattered Spider, a cybercriminal gang known for phishing employees of major technology, telecom, and crypto companies. Urban and his accomplice, who went by the alias Jack, successfully accessed a Crypto.com employee account, giving them a window into sensitive internal data.
Inside the Attack
Bloomberg reports that the hack was one of several successful intrusions by Urban, who specialized in social engineering - tricking employees into giving up login credentials. The attack reportedly took place months before an FBI raid in March 2023 seized $4 million worth of Urban's crypto, along with hundreds of thousands of dollars in cash and jewelry.
Urban was arrested nine months later, in January 2024, and eventually pleaded guilty to hacking 13 companies. He was sentenced to 10 years in prison.
Crypto.com confirmed the incident to Bloomberg, saying that it affected the personal data of only "a very small number of individuals" and that no customer funds were compromised.
Employee Targeting: A Growing Attack Vector
Security experts warn that exchange employees have become prime targets for hackers. Gaining access to internal tools can allow attackers to bypass account protections, reset credentials, or view sensitive data.
This isn't an isolated incident - rival exchange Coinbase previously reported losing hundreds of millions after cybercriminals bribed offshore customer service agents to gain unauthorized access to systems.
Community Reaction
On X, blockchain investigator ZachXBT criticized Crypto.com for keeping the breach quiet. He suggested this wasn't an isolated event, posting:
His comments reignited discussions around transparency in the crypto industry, where many believe that exchanges should disclose all incidents that involve user data - even if no funds are lost.
Lessons for the Industry
The breach highlights how social engineering remains one of the most effective attack methods in crypto. Unlike direct exploits of blockchain code, phishing and employee-targeted hacks exploit human behavior - and they're difficult to fully prevent.
Security analysts argue that exchanges should invest in stronger internal controls, multi-factor authentication, and continuous employee training to minimize risks. Transparency, too, remains a hot topic: many industry participants believe that timely disclosure of data breaches should be standard practice, just as it is in traditional finance.
Final Thought
While this breach did not result in stolen funds, it serves as a reminder that trust in centralized exchanges depends not just on asset security, but also on transparency and user protection. Crypto.com's decision not to disclose the incident earlier may fuel calls for stricter reporting standards across the industry.
ALSO READ: No More Front-Running: Why COTI V2 Might Just Save DeFi
