Celsius Users Under Phishing Risks as Already Troubled Firm Now Faces Data Breach Scandal

An unnamed employee of Celsius’ social media handler Customer.io accessed a list of Celsius client email addresses and transferred those to a third-party.

Celsius Users Under Phishing Risks as Already Troubled Firm Now Faces Data Breach Scandal

Photo Credit: Facebook/ Celsius Network

Customer.io has terminated the employee who leaked the information

Highlights
  • Celsius has claimed only users’ email addresses have been leaked
  • Customer.io has issued an apology
  • Customer.io has opened a legal case on its now terminated employee

Celsius Network has disclosed to its community that it has suffered a data breach, warning users against threats of phishing attacks. An unnamed employee of Celsius' third-party social media handler Customer.io accessed a list of Celsius client email addresses and transferred those to a third-party. Customer.io handles the market communications for both, Celsius as well as OpenSea. In June, OpenSea also reported a data breach. At the time, Customer.io had informed Celsius that its user data was safe.

After firing the concerned employee, Customer.io conducted internal analysis through the month of July, and later warned Celsius about the data breach incident.

Celsius, the crypto lending firm is now in the process of informing its users about this breach, asking them to be alert and not share sensitive information with unverified strangers.

It looks like tough days are nowhere near an end for Celsius. The company, struck by the recent crypto slump, has filed for bankruptcy.

As per Celsius, only a list of its client email addresses saved with Customer.io was leaked by the now terminated engineer, and no other information is expected to have become part of the breach.

Customer.io has also published a blog post addressing the incident.

“Despite the many precautions taken to protect our customer data, the employee's role enabled specific access to these email addresses. This employee has been terminated, all access has been revoked and we have reported this employee to law enforcement,” the company wrote.

In June, when OpenSea NFT marketplace suffered the data breach, its users had complained about being bombarded with emails that resembled phishing attempts.

Phishing is a category of cyber-attack in which specific emails are directed at potential victims in an attempt to lure them into clicking malicious links, or download malware to mine or steal their crypto holdings.


Why is Oppo making strange choices with its flagship Reno series? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Radhika Parashar
Radhika Parashar is a senior correspondent for Gadgets 360. She has been reporting on tech and telecom for the last three years now and will be focussing on writing about all things crypto. Besides this, she is a major sitcom nerd and often replies in Chandler Bing and Michael Scott references. For tips or queries you could reach out to her at RadhikaP@ndtv.com. More
Backbone One PlayStation Edition Controller for iPhone Launched, Sony Adds 1440p Support to PS5
Share on Facebook Tweet Snapchat Share Reddit Comment

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2022. All rights reserved.