Solana Co-Founder’s Private Data Exposed in Brazen Instagram Hack via Migos’ Account
In a bizarre crossover of crypto and hip-hop, hackers hijacked Migos’ Instagram to dump sensitive personal info tied to Solana’s co-founder. The breach—equal parts audacious and sloppy—highlights the Wild West security plaguing even top-tier crypto figures.
Why bother with sophisticated attacks when a celebrity account will do? The move exposes the industry’s lingering identity protection gaps—ironic for a sector built on ’trustless’ systems. Meanwhile, Solana’s price barely twitched. Priorities intact, as always.
Hackers used the official Instagram account of rap group Migos to post personal data belonging to solana co-founder Raj Gokal, exposing sensitive documents in what appears to be a failed extortion scheme demanding millions in Bitcoin. The attack comes amid a wider wave of account hijackings in the crypto space and raises new questions about personal security in the high-profile digital finance sector.
Unsplash
On May 27, Migos’ Instagram page, which has more than 13 million followers, was briefly flooded with photos showing Gokal’s driver’s license, passport, and other identifying documents. One image also included a woman identified by the hackers as Gokal’s wife, holding her own ID. The posts were live for nearly an hour before Instagram removed them.
One of the captions implied Gokal had been targeted for extortion. The message read, “you should’ve paid the 40 BTC,” referencing a demand for roughly $4.3 million based on current Bitcoin prices. Gokal was tagged directly in the post. His phone number and other contact details were also shared publicly.
The documents appear to come from know-your-customer (KYC) verifications, a process which is commonly used by crypto exchanges and platforms to comply with financial regulations. The leak triggered an immediate backlash online and deep concern across crypto circles, where identity-based attacks have been on the rise.
Just a week before the hack, Gokal had warned his followers on X (formerly Twitter) that attackers were trying to break into his email, social media, and cloud accounts. In his post, he urged followers not to trust any suspicious content coming from his channels. Using a top web3-compatible wallet with built-in security features might help reduce the risk in situations like this, especially for public figures in crypto.
Blockchain investigator ZachXBT said the attack was likely a case of social engineering. He believes the hackers got hold of Gokal’s private information through phishing or manipulation, then tried to pressure him into paying. After Gokal apparently refused, they turned to public doxxing.
Crypto-related attacks have become common recently. Over the past few months, crypto-related social media accounts have faced increasing pressure from hackers. Accounts tied to crypto news sites, meme coin platforms, and public figures have all been used to promote fake coins or leaks. In many cases, hackers aim to profit quickly before users catch on. In some other cases, criminals tried to kidnap the daughter of a famous crypto investor in France.
The timing also echoes a larger issue in crypto: personal data security. Just days before the Migos incident, Coinbase disclosed a major data breach affecting over 69,000 customers. According to regulatory filings, the breach began in December 2024 and lasted for months. It exposed both personal and financial data, and it’s now the subject of a class action lawsuit from investors who say Coinbase waited too long to go public with the information.
The Coinbase breach may not be linked to the Gokal doxxing, but the back-to-back headlines show how vulnerable even major crypto players can be to targeted attacks and data theft.
As for the Migos account, it’s still unclear how the hackers gained access. The group hasn’t released a statement, and there’s no word on whether their account had two-factor authentication or other protections enabled.
Gokal hasn’t commented on the latest incident either, though he has continued posting on X in recent days. Solana’s official channels also remain silent. The lack of a formal statement so far may reflect the sensitivity of the situation, especially since it involves not just Gokal but his family.
The crypto community has responded with a mix of outrage and unease. While hacks are common in the space, the use of a high-profile entertainment account to leak personal documents adds a new twist. Some called for better platform security across social media apps, while others urged crypto founders and public figures to adopt stricter personal safeguards.
For now, the damage is done. The leaked documents circulated widely before they were taken down, and while law enforcement may get involved, crypto-related cybercrime is notoriously hard to trace and prosecute. The attackers remain anonymous, and it’s unclear whether any funds were transferred or whether they managed to access other parts of Gokal’s digital life.
Unsplash
The incident serves as another reminder that in crypto, privacy and safety often rest on thin lines. Whether through a stolen password, a faked login screen, or a hijacked celebrity account, the risks continue to grow. For developers, investors, and anyone tied to web3, the lesson is the same: your data is always a target, and so are you.
