FTX, the bankrupt cryptocurrency exchange, announced on Saturday (September 17) that its customer claims portal is once again fully operational. The platform had frozen some user accounts in late August after a cyberattack against Kroll, the agent managing the claims process. Those affected accounts have now been unfrozen.
Background: Kroll Hit by SIM Swapping Attack
On August 25, Kroll revealed that a cyberthreat actor had targeted a T-Mobile US account belonging to one of its employees in what it described as a “highly sophisticated ‘SIM swapping’ attack.” According to Kroll, T-Mobile, without any authority from or contact with Kroll or its employee, transferred that employee’s phone number to the threat actor’s phone at their request. The attacker subsequently gained access to files containing personal information of bankruptcy claimants in the cases of FTX, BlockFi, and Genesis.
Portal Restoration and Enhanced Security
“Following our review and assessment of the recent Kroll cybersecurity incident, FTX has unfrozen all affected accounts,” FTX said in a post on X (formerly Twitter), updating the public about the case. Claimants may now resume activities on the platform. FTX pointed out that additional measures have been implemented to secure the portal, though specific details were not disclosed. Kroll emphasized that actions were taken to secure the affected accounts and that there was no evidence that other systems or accounts had been impacted.
Repayment Progress: Judge Approves Liquidation of $3.4B Crypto Holdings
Meanwhile, FTX received permission from a bankruptcy judge to liquidate its digital assets valued at more than $3.4 billion in order to repay creditors. Its holdings comprise a range of cryptocurrencies, including $560 million in bitcoin (BTC), $192 million in ethereum (ETH), and $1.16 billion in solana (SOL). These liquidation efforts are part of FTX’s reorganization plan aimed at maximizing returns for customers who lost funds in the exchange’s collapse.
While the claims portal is now fully accessible, users are advised to remain vigilant. FTX recommends logging in only through official channels and enabling two-factor authentication. It remains unclear whether the security incident could lead to further identity theft or fraud attempts against claimants.

