Celsius has revealed that a list of its users’ email addresses was stolen by a Customer.io employee during the same data breach that affected NFT marketplace OpenSea in late June.
Key Takeaways
Celsius reported today that a Customer.io employee breached its list of user email addresses last month.
OpenSea was the first target of this breach; however, further investigations have found other companies were also affected.
The incident comes at a difficult time for Celsius, which recently suspended user withdrawals and filed for bankruptcy.
Share this article
Celsius said today that a list of client email addresses was leaked through the automated messaging platform Customer.io.
Customer.io Leaked Celsius Email List
A Customer.io employee has leaked a list of email addresses belonging to Celsius customers.
Today, Celsius sent an email to its users indicating that “one of [Customer.io’s] employees accessed a list of Celsius client email addresses.” The employee then sent those addresses to an unnamed, malicious third party.
The beleaguered crypto lender stated that the addresses had been held in Customer.io’s records for marketing purposes and that user accounts were not directly breached. Celsius also said that the incident did not “present any high risks to our clients” and that, while it has yet to see proper evidence of the breach, it had chosen to bring it to its users’ attention.
According to Celsius, the data breach is part of the same attack that leaked user email addresses tied to the NFT marketplace OpenSea in late June. At the time, Celsius had been told that none of its data had been compromised. However, as a precaution, it removed all of its data from Customer.io.
Yet on July 8 Customer.io notified Celsius that, upon further investigation, it had found that one of its employees had in fact accessed the list of user email addresses. Customer.io said today that five other companies other than OpenSea were targeted in the breach. Unstoppable Domains appears to be one of them.
In response, Customer.io said that the employee responsible for the breach has been terminated and reported to law enforcement.
Though email address theft is not uncommon, the incident comes at an unfortunate time for Celsius. The firm, which has been suffering from a liquidity crisis which it claims was prompted by “extreme market conditions,” suspended user withdrawals in June and is now engaged in bankruptcy proceedings.
Disclosure: At the time of writing, the author of this piece owned BTC, ETH, and other cryptocurrencies.
Share this article
The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.
You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.
