Solana Co-Founder's Personal Data Leaked Through Hacked Migos Instagram Account
The Instagram account of hip-hop group Migos, boasting over 13 million followers, was compromised to expose sensitive personal information belonging to Solana co-founder Raj Gokal.
Hackers posted multiple images revealing Gokal’s passport, driver’s licence, phone number, address, and family photos — including pictures of his wife holding her driver’s licence.
The leaked materials appear to be KYC documents, commonly used for identity verification, raising questions about the possible source of the breach.
Did Social Engineering Lead to the Massive Leak?
Security experts, including blockchain investigator ZachXBT, suggest the attackers used social engineering tactics, likely phishing, to gain access to Gokal’s personal data.
The leaked documents might have been taken directly from Gokal’s devices or through a compromised third-party service handling identity verifications.
The incident highlights ongoing security vulnerabilities, especially on Instagram, where inactive high-profile accounts like Migos’ remain easy targets.
Blackmail Demands 40 Bitcoins Highlight Severity
The hackers demanded a ransom of 40 BTC—approximately $4.4 million at current Bitcoin prices—warning “You should’ve paid the 40 BTC” in the posts.
One of the images posted on the Instagram account during the hack.
After Gokal reportedly refused to pay, the attackers published the stolen personal information on the hijacked account.
The posts remained visible for about 90 minutes, attracting thousands of interactions before Instagram deleted them.
Images posted by the hackers
The bio of the Migos account was also changed to “CHECK BIO FOR MEMECOIN,” suggesting a secondary attempt to promote or sell a fake cryptocurrency.
Gokal Warns Followers About Account Takeover Attempts
Prior to the hack, Raj Gokal had alerted his followers on X (formerly Twitter) about ongoing attempts to control his email, social media, and other accounts.
He wrote:
“Attackers have been trying to take control of my email, social media, Google, Apple, etc. this past week. If you see anything suspect (token launch, soliciting funds, etc) that means they got through. Be careful out there.”
His warnings hint that the hackers had been targeting him for several days before succeeding.
Instagram Faces Criticism Over Response Speed
The delay in removing the compromising posts has drawn criticism towards Meta and Instagram for slow action during hacking incidents.
Online commentators, including Andy, co-founder of The Roll Up podcast, remarked that the attack exposed weaknesses in Instagram’s approach to doxxing and account security, especially for accounts that have been inactive for months.
The Migos account had not posted since mid-February, possibly contributing to its vulnerability.
Ripple Effects and Further Data Exposure
Alongside Gokal’s information, other personal data reportedly linked to an individual named “Arvind” — including details about their Solana (SOL) balance — were also leaked via the same Instagram account.
Additionally, the hackers posted a link to a Telegram group, which appeared to be selling unreleased Migos music tracks, blending personal data exposure with potential piracy or scam activities.
No Indications of Wider Solana Ecosystem Breach
Despite the severity of the data leak, there have been no reports of attacks on the Solana blockchain or announcements of fraudulent token launches connected to the hack.
The incident seems driven by personal motives or financial extortion rather than an attempt to disrupt the blockchain network itself.
This case adds to the growing trend of high-profile social media accounts being exploited by hackers, often to push fake cryptocurrencies or scams.
It also serves as a stark reminder of the dangers of phishing and social engineering, particularly for influential figures within the tech and crypto industries.