Crypto Lender Celsius Suffers Data Breach Through Third-Party Mailing List


Cryptocurrency lender Celsius Network has suffered a data breach that exposed customer data.

Compromised Third-Party Systems

According to an announcement from the company CEO Alex Mashinsky, hackers gained access to a backup third-party email distribution system Celsius uses. This data trove contained the personal details of its customers.

Armed with the list, the cybercriminals impersonated the company by sending malicious emails and text messages into tricking them into part ways with their private keys.

The hackers placed a phishing link in the emails that supposedly redirected Celsius users to a malicious web wallet that promises to compensate them with $500 for revealing their private keys.

The crypto lending platform said that the affected customers got this message in their emails and SMS. The crypto lender claimed they were able to nip the issue in the bud before damage was done. Celsius has informed the community that investigations are ongoing and customers should remain vigilant.

Even though Celsius says they were able to arrest the situation on time, a Reddit thread revealed the extent of the theft.

According to a Reddit user, the criminals made away with over $300,000 in the attack. Another user “VaporFye” provided a comprehensive guide on the phishing email wallet address and admitted to having lost 20 ETH (about $50,000) to the thieves.

The Wave of Malicious Attacks Sweeping Through

Malicious attacks on crypto projects have surged in the past year.

Last year, another crypto lending platform BlockFi had its systems compromised via one of its employees. The hacker was able to gain control of the employee’s phone number through a SIM swap attack. From there on, they accessed the company's systems. But, BlockFi claims the attacker could only access the company's retail marketing systems. The company said the intruder accessed no customer information.

Cryptocurrency wallet provider Ledger has also had its fair share of attacks.

According to a published correspondence, the crooks stole the personal data of customers. Ledger initially said that only 9,500 users were affected, but a subsequent investigation revealed those details were false. The exact figure was placed at more than a quarter-million.

Two of the affected parties, John Chu and Edward Baton, have since taken Ledger to court, citing the company’s attempts to cover up their negligence as a reason.

Get Daily Headlines

Enter Best Email to Get Trending Crypto News & Bitcoin Market Updates

What to Know More?

Join Our Telegram Group to Receive Live Updates on The Latest Blockchain & Crypto News From Your Favorite Projects

Join Our Telegram

Stay Up to Date!

Join us on Twitter to Get The Latest Trading Signals, Blockchain News, and Daily Communication with Crypto Users!

Join Our Twitter

Add comment

E-mail is already registered on the site. Please use the Login form or enter another.

You entered an incorrect username or password

Sorry, you must be logged in to post a comment.
Bitcoin Exchange Guide