Celsius was the victim of a data leak concerning part of its customers, due to an incident involving a service provider. Emails were extracted.
Things are not going well for the Celsius platform, which specializes in cryptocurrencies. One might even think that it is getting worse and worse. The site, which has already had to declare bankruptcy, and which is clearly unable to return the money due to everyone, was this time the victim of a computer incident. Data was collected and then disseminated without authorization.
The Incident has been reported on Twitter on July 28 on the account run by Celsians, which relays Celsius news. ” We are writing to inform you that we have recently been notified by our supplier Customer.io that one of their employees has accessed a list of Celsius customer email addresses held on their platform and deleted them to a third party. »
Emails from customers wander in nature. Beware of phishing
It appears, in the current state of the investigations accelerated by Celsius and Client, that only the e-mail addresses were compromised. Clearly, a Customer employee accessed a Celsius customer email list that was on the provider’s platform — Customer is an email platform that Celsius works with.
This employee then forwarded said list to a malicious third party. It is not clear if this sending resulted in an error or if it was made. Still, the leak would be limited to emails only – even if the first and last name can still be found, if they appear in the identifier. No other information was exposed, Celsius said.
” We are not discussing that the incident poses risks to our customers whose email addresses may have been affected, but we are disseminating this communication to ensure that you are aware », Celsius claims in his post, released at the end of July. A questionable assertion, because these emails can be used for phishing campaigns.
Phishing is known to be common in the cryptocurrency space, as this method of capturing personal information (like usernames and passwords) can lead to results. By recovering these elements, hackers are able to access poorly protected accounts and then steal funds, passing them from one wallet to another.
The extent of the contents of this list is not known. Celsius ensures that for its part, the security and integrity of its systems have not been compromised or implicated in this leak. The problem, identified as early as June 30 by Celsius, took almost a month to be made public. Meanwhile, on July 8, the nature of the incident had been established after investigation.
The fact remains that it is through its partners that the concern arose. In terms of compromise, it doesn’t matter if the Celsius “link” is very strong: it is the level of resistance of the weakest link that matters in computer security. And here, it was obviously Client’s internal procedures, because it was not possible to prevent this disclosure.