Celcius Client Data Leaked in the Same Breach as OpenSea

According to the Celsius community, the company has allegedly been contacting users to inform them of a data breach directly affecting them that could easily lead to phishing attempts.

One Disgruntled Employee, Two Mailing Lists

Announcement from Celsius: “We are writing to let you know that we
were recently informed by our vendorhttps://t.co/452EROQtbc that one of their employees
accessed a list of Celsius client email
addresses held on their platform and
transferred those to a third-party.”

— Celsians (@CelsiansNetwork) July 28, 2022

The breach was reportedly identified on the 30th of June, at the same time as the OpenSea client data leak. Back then, Celsius reached out to Customer.io – the company handling market communications for both OpenSea and Celsius – who stated that the crypto lender’s client data was unaffected.

However, on July 8, Customer.io representatives allegedly recanted their statement and informed Celsius that some of their client data actually had been breached. The employee has since been terminated, and Customer.io updated its statement on the incident, stating that the data of five other customers had also been stolen.

“After further investigating the compromised OpenSea email addresses incident, we have learned today that the email addresses from five other customers were also provided to the same external bad actor.”

It appears that Celsius may have been one of the five, as users took to Twitter to share screenshots of cautionary emails that they received.

pic.twitter.com/hIOxPPPxf7

— db (@tier10k) July 28, 2022

Phishing Attempts Expected

According to the screenshots shared by Celsius users, the only client data leaked to bad actors is a list of email addresses with no other personally identifying information (PII).

Celsius reportedly does not foresee any major threats to further client data security. However, the team has nevertheless warned users to be on their guard and to contact Celsius support if affected.

“We do not consider the incident to present any high risks to our clients whose email addresses may have been affected but are releasing this communication to make sure you are aware.”

Meanwhile, cybersecurity researchers have warned users that possible phishing emails will likely be in the form of a link to a fake verification process allowing users to withdraw funds. It is, however, rather ironic that even though this would be a nifty bit of social engineering – especially since Celsius withdrawals are still frozen – withdrawals from the platform are still, well, suspended. Therefore, it’s rather unclear how bad actors could drain an unsuspecting victim’s wallet anyhow.

Nevertheless, the incident is another important reminder to all to keep their private keys safe and offline and to avoid following links or QR codes whose origins cannot be ascertained.

As Celsius’ court case trundles on, this incident will likely be yet another worrying thought on the minds of the platform’s users.

Related Posts

Crypto-focused venture firm Dragonfly acquires hedge fund: Bloomberg

Amid the grueling bear market for Bitcoin, Ether and altcoins, the cryptocurrency industry is undergoing consolidation. Cryptocurrency venture firm Dragonfly has acquired a digital asset-focused investment fund…

Binance distances from WazirX as Indian regulators keep chasing crypto

The ownership of WazirX became a hot topic as CZ claimed the deal never went through, but three years later, there’s still no clarity. The Twitter exchange…

Saddle Finance Redefines Trading of Pegged Value Assets with Ease And Security

Are you ready to Saddle up? A decentralized finance platform architectured to facilitate efficient trade between pegged crypto assets is now one of the most prominent names…

How Revolut Will Launch New Crypto Platform, Cyprus Grants Authorization

Per a report from Atlfi, fintech company Revolut will be able to offer more crypto products to its customers. The one-stop app for “all things money” has…

Biggest Movers: SHIB Remains Near 3-Month High, Whilst LEO Hits 2-Week High 

Shiba inu remained close to a three-month high to start the week, after breaking out of a key resistance level over the weekend. The surge of the…

Bitcoin Dominance Rate (BTCD) Continues to Fall as Ethereum (ETH) Increases

The Bitcoin dominance rate (BTCD) has broken down from its long-term bullish structure, while the ETH/BTC chart shows potential for upside. Between May and Dec 2021, BTCD…

Generated by Feedzy