Revolut has confirmed it reported an alleged extortion attempt by a former employee after a customer claimed they were threatened with a leak of sensitive KYC information unless a cryptocurrency ransom was paid.
Quick Summary – TLDR:
- A Revolut user says a former employee threatened to publish KYC data unless paid in cryptocurrency.
- The user claims the alleged extortionist also contacted family members to increase pressure.
- Revolut says it has reported the matter to law enforcement and that its security systems worked as intended.
- The incident is raising fresh concerns about insider risk and employee access controls in fintech.
What Happened?
A crypto trader posting on X under the name TraderSZ alleged that a former Revolut employee tried to blackmail him by threatening to expose his identity and personal details. Revolut confirmed it has reported the case to law enforcement and said an investigation is underway.
Revolut confirms ex-employee threatened to leak KYC data for crypto ransom
— TraderSZ (@trader1sz) February 23, 2026
https://t.co/M7aw4OHU49
The Allegation: A Crypto Ransom Demand Tied to KYC Data
The situation surfaced publicly after TraderSZ described what he says was an attempted shake down involving private customer information collected during Know Your Customer checks. In his post, the trader claimed the former employee threatened to disclose personal information unless a ransom was paid in cryptocurrency.
TraderSZ also said the pressure went beyond direct messages to him. He alleged that the former employee contacted relatives who use Revolut, apparently aiming to push the trader into paying.
The trader shared screenshots that he said show interactions with Revolut customer support regarding the incident. At the time of reporting, Cointelegraph said it contacted TraderSZ for more detail, including what information may have been accessed and whether a formal complaint had been filed, but did not immediately receive a response.
Revolut’s Response: Reported to Police, No System Breach Claimed
Revolut confirmed the matter has been escalated to law enforcement and framed it as criminal conduct linked to a former employee.
A Revolut spokesperson told Cointelegraph:
The company also said it is in contact with the affected customer. Revolut’s public messaging has focused on reassurance, emphasizing that its core protections held up and that there is no evidence of a broader compromise of its systems.
Why This Is Setting Off Alarm Bells in Fintech?
Even if there is no sign of a systemic intrusion, this kind of allegation is still a nightmare scenario for any financial app. KYC data can include highly sensitive personal details that are hard, or impossible, to change once exposed. For customers, the fear is not just embarrassment. It is also risks like impersonation, targeted scams, and social engineering attacks that can spill into other accounts and services.
The episode also puts a spotlight on a common weak point across the industry: insider access. Fintech firms often have fast moving teams, outsourced support functions, and complex permission systems. That mix can create gaps if access is not tightly limited, constantly reviewed, and quickly removed when someone leaves.
Reports circulating about the incident also reference NS3.AI as an early signal booster, showing how quickly these claims can spread and force companies into public response mode, especially when the story involves crypto payments and identity data.
SQ Magazine Takeaway
I do not care how advanced a company’s security stack is, insider risk is the one threat that keeps showing up in every industry I have covered. In my experience, customers judge companies less on whether a scary claim appears online and more on how clearly the company responds and how seriously it treats the human access problem.
What I found most worrying here is the alleged use of family members as leverage. If that detail is accurate, it crosses from a data incident into personal intimidation. Revolut did the right thing by pushing it to law enforcement and publicly stating that its controls worked as intended. Still, this is a reminder for every fintech user to tighten their own defenses too. Lock down accounts, watch for unusual contact, and treat any unexpected message as suspicious, even if it seems to know personal details.
