United-States-based Twitter users had been reporting suspicious data access requests from FTX.US to their bank accounts.
Plaid is a fintech company that facilitates communication between financial services apps and users’ banks and credit card providers.
In FTX.US’ case, its products enable users to allow FTX.US customers to connect their bank accounts to the FTX app. This would then allow FTX.US to request payments that will be processed by the ACH network.
In a pinned Tweet on Nov. 12, Plaid announced it has suspended FTX’s access to Plaid products as of approximately 6:30 am UTC on Nov. 12, meaning that “FTX can no longer retrieve any financial information via Plaid.”
Plaid suspended FTX’s access to Plaid products as of 11/11/22 at approximately 10:30PM PT. FTX can no longer retrieve any financial information via Plaid.— Plaid (@Plaid) November 13, 2022
To provide as much clarity for end-users as possible, we’ve compiled the following FAQs. https://t.co/QbyNtXUH5r
In an earlier Tweet, Plaid said the suspension was due to “concerning public reports,” though noted that there is “currently no indication that Plaid has been used as a vector for fraudulent activity.”
On Nov. 12, Twitter users began reporting that FTX.US had attempted to access their accounts through Plaid. Reports so far only suggest that the users’ data has been accessed, and no reports so far suggest that any funds have been removed.
PSA: If you have a bank account linked to FTX US, change your bank account password and stop sharing data immediately.— Mike McGuiness ᵍᵐ (@mikemcg0) November 12, 2022
Below is a screenshot of my bank account, which they tried accessing 40 mins ago pic.twitter.com/sdnaUFEzOW
Others have warned others to immediately change their bank account passwords and to revoke access rights on Plaid.
If you had Plaid / Stripe connected to FTX make sure to revoke access in your bank account immediately!— Birch (@BitcoinBirch) November 12, 2022
For Chase it’s under Security & Privacy and listed as “MX Technologies” at least for FTX US. pic.twitter.com/lwsuF4iPTQ
In an FAQ, Plaid also suggested that some of these access requests could be part of automated financial information checks conducted by Plaid, which are done on a regular schedule.
It has also reiterated that since suspending access, FTX has not been able to retrieve any information from Plaid accounts.
The financial technology provider that allows FTX.US users to link their bank accounts to the FTX app has suspended the U.S.-based exchange’s access to its products, citing “concerning public reports” of fraudulent activity.