Celsius users should be alert for phishing scams after the Corporation disclosed that some of its client data had been compromised by a third party. Celsius customers were notified via email on July 26 that a list of their email addresses had been exposed by a staff of one of its corporate data management and messaging partners.
According to the Corporation, a Customer.io messaging platform engineer was responsible for the breach by disclosing user information to a malicious third party. It is worth noting that It is not the first time Celsius’ customer emails have been exploited and leaked online.
Phishing is a type of social engineering in which specific emails are sent to victims in an effort to persuade them into disclosing more personal information or clicking links to dangerous websites that download malware to mine or steal cryptocurrency.
Celsius users cautioned due to past phishing attempts
In a detailed blog post on July 7,Customer.io stated
“Despite the numerous security measures in place to safeguard our customer’s information, the employee’s position gave them unique access to these email addresses. All-access has been withdrawn for this employee, who has also been fired, and reported to law enforcement.”
Both the number of emails that were released and the platform where they were leaked was not disclosed. However, the crypto community has begun to alert Celsius users to phishing attempts, which typically occur after a data breach involving emails.
A malicious website posing as the legitimate Celsius platform allegedly targeted Celsius subscribers in April 2021 during a similar data breach. Some people received emails and SMS messages asking them to provide personal information and codes.
At the time, the business revealed that hackers had acquired access to a third-party email distribution system it used.
The hardware wallet manufacturer Ledger experienced the most well-known crypto data breach when its servers were compromised in 2020. Countless customers experienced incalculable losses and even physical threats as a result of thousands of customers’ personal information being published online. The Corporation has, however, declined to grant them compensation.