# Solana Co-Founder's Data Exposed in Migos Instagram Hack Tied to 40 BTC Ransom
A serious cybersecurity breach has left fans of rapper Migos reeling, as the artist's official Instagram account was compromised on May 25, 2025. The hack not only exposed personal data belonging to none other than Solana co-founder Raj Gokal but also demanded a ransom of 40 Bitcoin.
## A Sensitive Leak
The breach began when multiple images of Gokal and his wife were leaked online, including identification documents such as passports and driver's licenses. These photos were posted on Migos' Instagram account, giving fans an uncomfortable glimpse into the personal life of one of crypto's most prominent figures.
### Leaked Images Sparked Concern
The compromised posts displayed a mix of sensitive information, including phone numbers, email addresses, and even a photo of Gokal holding up his passport. One post included a cryptic caption reading, "It was only 40 BTC... should've paid." The posts remained visible for approximately 90 minutes before Meta took action to remove them and regain control of the account.
## Social Engineering Tactics
Blockchain investigator ZachXBT suggested that the attackers employed social engineering tactics over the past week to target Gokal. According to ZachXBT, the hackers used personally identifiable information (PII) acquired beforehand to extort funds from Gokal.
### Extortion and Leaked Data
"He tried to extort him for funds with the PII obtained," ZachXBT stated on X, formerly Twitter. "Guess he didn’t pay so they started trolling and posted it after they compromised Migos Instagram account today."
## Questions Raised Over Coinbase Link and Data Origin
Analysts have speculated that the leaked images may be Know Your Customer (KYC) verification files, typically used for identity confirmation by crypto platforms. This has led some to believe that Gokal's data might be linked to the recent Coinbase data breach.
### Speculation Surrounds KYC Files
Earlier in May, Coinbase disclosed a security incident that affected roughly 1% of its monthly active users, with hackers demanding a $20 million ransom. Although no payment was made, fears have grown that the attackers may have accessed user KYC documents, including photographs used in self-verification.
"If they have the KYC for the founders of Solana, then they have the KYC for every single person that ever used their platform," one analyst wrote. Despite speculation, there is currently no verified evidence linking Gokal's data leak directly to the Coinbase breach.
## Meta Faces Pressure Amid Rising Crypto-Related Account Breaches
This incident adds to a growing list of high-profile social media breaches involving crypto scams. Bad actors have increasingly hijacked verified accounts of celebrities and influencers to shill fraudulent tokens, often leaving victims with unrecoverable losses.
### Evolving Tactics in Crypto-Targeted Cyberattacks
The use of a popular public figure's compromised Instagram account to leak sensitive data raises urgent questions for platforms like Meta on how they are addressing these breaches. As the full extent of the information leak remains unknown, users across the crypto community are being urged to stay alert, monitor their digital accounts closely, and practice enhanced cybersecurity hygiene in light of these developments.
Stay informed about the latest developments in the world of cryptocurrency and cybersecurity by following our updates and analyses.