tl;dr
Hackers accessed Solana co-founder Raj Gokal’s email and obtained personal information, including passport and phone number, after a failed 40 Bitcoin ransom demand. Following Gokal’s refusal to pay, attackers compromised rap group Migos’ Instagram account to publicly share the stolen data. The brea...
Solana co-founder Raj Gokal was doxxed after refusing to pay a 40 BTC ransom following a social engineering attack on his email. Hackers gained access to his personal information, including passport and phone number, and subsequently compromised rap group Migos’ Instagram account to publicly release the stolen data.
The attack originated from unauthorized access to Gokal’s email, which contained sensitive know-your-customer (KYC) photos synced to a cloud backup. After the ransom demand was rejected, the attackers used Migos’ 13 million-follower Instagram profile to expose the private documents. Gokal warned his followers about ongoing attempts to control his online accounts and advised caution regarding suspicious token launches or fundraising requests.
Security analyst ZachXBT clarified that the breach was due to social engineering against Gokal’s email provider and was unrelated to the recent Coinbase data breach. Coinbase, in mid-May, disclosed a security incident where internal systems were accessed after support agents were bribed, potentially affecting customers through social engineering. Coinbase estimates the cost of remediation and reimbursements between $180 million and $400 million.
Gokal responded to the incident humorously on social media, reminding people to "dress up smart for your KYC photos" due to the risks of such images being leaked. This episode highlights the persistent risks in the crypto industry regarding personal data security, social engineering tactics, and the ripple effects of major data breaches on prominent figures in the ecosystem.