Share this article
Celsius Suffers Third-Party Data Breach, Customers Report Phishing Texts, Emails
The crypto lender's data leak comes almost a year to the date after a similar data leak hit BlockFi.
Updated Sep 14, 2021, 12:41 p.m. Published Apr 15, 2021, 4:31 p.m.
Make us preferred on Google
Crypto lending service Celsius has discovered a data breach with one of its third-party service providers has exposed the personal information of its customers, an email sent to Celsius customers and shared with CoinDesk confirms.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
Hackers gained access to a “third-party email distribution system” Celsius uses, according to the email. The hackers have used this information to send fraudulent emails and text messages to Celsius to trick them into revealing the private keys to their funds.
“On April 14, 2021, Celsius customers began reporting a fraudulent website claiming to be an official Celsius platform. We also became aware of some Celsius customers receiving SMS and email messages, that claimed to be official Celsius communication, linking to that website, and prompting recipients to enter sensitive information,” the email reads.
“An unauthorized party managed to gain access to a back-up third-party email distribution system which had connections to a partial customer email list. Once inside the system, this unauthorized party sent a fraudulent email announcement, of which we know some of the recipients to be Celsius customers.”
The team is still investigating how the hackers gained access to the phone numbers of Celsius' clients, considering the breach occurred with an email management system.
Notably, Celsius clients report receiving phishing messages to phone numbers that they never provided to Celsius.
My friend received the scam via sms (which means they have phone numbers), which is weird because we never gave our phone number to Celsius... Looking forward to hearing back from you guys about that event!
— MB777 (@mathburn666) April 15, 2021
"The phishing scam’s goal was to get access to recipients’ external wallets, not Celsius wallets, by leveraging the trust that our community has in us. We know that customers who had not registered an email or phone number with Celsius also received fraudulent messages to these contact details, thus we believe the data was collected from external data sources," CEO Alex Mashinsky said in a statement.
Read more: From SIM-Swaps to Home-Invasion Threats, Ledger Leak Has Cascading Consequences
Last spring, Celsius competitor BlockFi suffered a similar data breach, though by way of a hacker gaining access to an employee's company accounts through a sim swap. Hardware wallet producer Ledger has also suffered leaks of its customer data. Such leaks can put users' funds (not to mention their physical safety) at risk.
This is a developing story and will be updated.
More For You
Pudgy Penguins is building a multi-vertical consumer IP platform — combining phygital products, games, NFTs and PENGU to monetize culture at scale.
What to know:
Pudgy Penguins is emerging as one of the strongest NFT-native brands of this cycle, shifting from speculative “digital luxury goods” into a multi-vertical consumer IP platform. Its strategy is to acquire users through mainstream channels first; toys, retail partnerships and viral media, then onboard them into Web3 through games, NFTs and the PENGU token.
The ecosystem now spans phygital products (> $13M retail sales and >1M units sold), games and experiences (Pudgy Party surpassed 500k downloads in two weeks), and a widely distributed token (airdropped to 6M+ wallets). While the market is currently pricing Pudgy at a premium relative to traditional IP peers, sustained success depends on execution across retail expansion, gaming adoption and deeper token utility.
More For You
HYPE token's 50% surge is a story of crypto-traditional market convergence, treasury firm says
HYPE has surged 50%, outperforming bitcoin, ether and the CoinDesk 20 index by a big margin.
What to know:
- Hyperliquid's HYPE token has surged more than 50% to $34.57 this week, far outpacing bitcoin, ether and the broader crypto market, as trading activity on the platform accelerates.
- The token rally represents the merging of traditional assets with the crypto world, according to Hyperion DeFi, which is a HYPE treasury company.
- Originally a crypto perpetuals exchange, Hyperliquid has expanded into tokenized trading of equity indices, individual stocks, commodities and major fiat pairs via its HIP-3 upgrade.
Top Stories
