Celsius sent an email to its customers informing them that a list of their emails had been leaked by an employee of one of its business data management and messaging vendors.
According to Celsius, the breach came from an engineer at the Customer.io messaging platform who leaked the data to a third-party bad actor. The data breach is part of the same incursion that leaked OpenSea customer email addresses in June.
Celsius has however played down the incident stating that it did not “present any high risks to our clients,” adding that they just wanted users to “be aware.”
Customer.io wrote in a blog post that “We know this was a result of the deliberate actions of a senior engineer who had an appropriate level of access to perform their duties and provided these email addresses to the bad actor.” The employee has since been terminated.
The number of emails leaked was not disclosed, nor was the platform to which they were leaked. However, the crypto community has started to warn Celsius users of phishing attacks which usually follow an email data breach.
A similar data breach in April 2021, saw Celsius customers reportedly targeted by a fraudulent website claiming to be the official Celsius platform. Some received SMS and emails prompting them to reveal personal information and seed phrases.
