- The same data breach that affected OpenSea has affected Celsius
- Customer.io removed its employee responsible for email leaks
Celsius users — look out for phishing attacks.
The cryptocurrency lender has warned customers that a data breach led to their emails being leaked.
Late Thursday, Celsius emailed users informing them that an employee at its email delivery vendor Customer.io accessed a list of client addresses and sent them to an unauthorized party.
The embattled firm said it didn’t consider the incident to pose “high risks,” and had been informed that no other Celsius-related data was compromised beyond identified email addresses.
About a month ago, collectibles platform OpenSea warned users that their email addresses were compromised in a similar leak. Customer.io was responsible for that incident too, since one of its employees abused their access. The vendor мындай деди: that the employee responsible had been terminated, had all access removed and was reported to law enforcement.
Celsius, aware that Customer.io was one of its vendors, said it proceeded to remove data held with the firm after the OpenSea episode. At the time, the vendor found no Celsius data involved in the breach.
But on July 8, Celsius was notified that it too had been affected by the same offender. In a билдирүү, Customer.io confirmed five clients apart from OpenSea were impacted by the email leaks. “We do not expect to learn any additional information since this incident resulted from the actions of a single employee, who had legitimate access to these email addresses as part of the employee’s job,” it added.
Celsius customers took to Twitter to express frustration over a stream of trouble they’ve had to face with the lender.
The firm is dealing with restructuring its assets after банкроттук жөнүндө арыз берүү on July 13. A court document shows Celsius has $5.5 billion in liabilities and $4.3 billion in assets, leaving it with a 1.2 миллиард доллар тешик анын балансында.
And while Celsius has been quick to downplay the risk to its users, similar data breaches have shown that affected users have actually lost funds due to phishing attacks.
When hardware wallet manufacturer Ledger suffered a маалыматтын агып кетиши of its marketing database in July 2020, its users were targeted with devious scams designed to steal their cryptocurrencies.
Shopify, the e-commerce giant that Ledger used to sell its wallets, also came under attack from users for “repeatedly and profoundly” failing to protect customer identities. Both firms were sued in April after victims lost some of their crypto assets.
DAS, тармактын сүйүктүү институттук крипто конференциясына катышыңыз. Билеттерге $250 арзандатуу үчүн NYC250 кодун колдонуңуз (Ушул аптада гана жеткиликтүү) .
Source: https://blockworks.co/celsius-admits-customer-emails-leaked-in-third-party-data-breach/