The Celsius community stated that the company has been contacting users to inform them of a data breach directly affecting them that could easily lead to phishing attempts.
The breach was identified on the 30th of June, the same time the OpenSea client data was leaked. At that time, Celsius reached out to Customer.io – the company handling market communications for both OpenSea and Celsius, who stated that Celsius’ client data was not leaked.
However, on the 8th of July, Customer.io representatives repudiated their statement and informed Celsius that some of their client data had been breached. The employee that breached the data has been terminated, and Customer.io updated its statement concerning the incident, stating that the data of five other customers had been leaked.
They said, “After further investigating the compromised OpenSea email addresses incident, we have learned today that the email addresses from five other customers were also provided to the same external bad actor.”
Celsius seems to be one of the five, as their users shared screenshots of cautionary emails they received on Twitter.
Following the screenshots shared by Celsius users, the only client data leaked to bad actors is a list of email addresses with no personal information,
A report states that Celsius does not foresee any further threats to client data security. But, the team has precautionary warned users to be on their guard and to contact Celsius support if affected.
“We do not consider the incident to present any high risks to our clients whose email addresses may have been affected but are releasing this communication to make sure you are aware.”