Monday 15 August 2022
Home / adoption / Phishing risks escalate as Celsius confirms client emails leaked

Phishing risks escalate as Celsius confirms client emails leaked

Celsius depositors should be on the lookout for phishing scams after the company revealed some of its customer data had been leaked in a third-party data breach.

On Tuesday, Celsius sent an email to its customers informing them that a list of their emails had been leaked by an employee of one of its business data management and messaging vendors.

According to Celsius, the breach came from an engineer at the Customer.io messaging platform, who leaked the data to a third-party bad actor.

“We were recently informed by our vendor Customer.io that one of their employees accessed a list of Celsius client email addresses,” said Celsius in its email to customers. The data breach is part of the same incursion that leaked OpenSea customer email addresses in June.

Celsius has, however, played down the incident stating that it did not “present any high risks to our clients,” adding that they just wanted users to “be aware.”

On July 7, Customer.io wrote in a blog post that “We know this was a result of the deliberate actions of a senior engineer who had an appropriate level of access to perform their duties and provided these email addresses to the bad actor.” The employee has since been terminated.

The number of emails leaked was not disclosed, nor was the platform to which they were leaked.

However, the crypto community has started to warn Celsius users of phishing attacks which usually follow an email data breach.

Phishing is a form of social engineering in which targeted emails are sent to lure victims into revealing more personal data or clicking links to malicious websites that installs malware to steal or mine crypto.

A similar data breach in April 2021 saw Celsius customers reportedly targeted by a fraudulent website claiming to be the official Celsius platform. Some received SMS and emails prompting them to reveal personal information and seed phrases.

At the time, the company reported that hackers had gained access to a third-party email distribution system it uses.

Related:Email server breach sees Celsians targeted by phishing attacks

Perhaps the most famous crypto data breach was from hardware wallet provider Ledger, which had its servers hacked in 2020. The spewing of thousands of customers’ personal details on the internet resulted in untold losses and even physical threats for many victims, yet the company refused to compensate them.

Celsius email to customers on July 26.

About Sean Patterson

Check Also

How High Can Ethereum Go Before The Merge

The Ethereum “Merge” has become a hot topic among top crypto analysts after the incident that led to the collapse of the Ethereum network in the sale of Otherside by Yuga labs, with nearly $200M lost as gas fees. Related Reading: Proof of Work Vs Proof of Stake – Laneaxis The Ethereum merge, also known as Ethereum 2.0, is the upgrade of the existing execution of the Ethereum layer 1 from proof-of-work (PoW) to proof-of-state (PoS), Beacon chain. 5 BTC + 300 Free Spins for new players & 15 BTC + 35.000 Free Spins every month, only at mBitcasino. Play Now! POW was first used by the early pioneers of the blockchain Bitcoin and Ethereum. It aims to achieve decentralization and security by using miners to decode cryptographic algorithms or puzzle-like maths. As the demand increases for transactions, it becomes slow, gas fees increases, and resources intensify. Proof-of-Stake (POS) is similar to POW, just that users authenticate transactions on the blockchain employing stake and get re..

Leave a Reply

Your email address will not be published. Required fields are marked *