Celsius also hit by Customer.io email data breach

Quick Take

  • A list of Celsius customer emails was leaked by an employee at one of the company’s vendors.
  • The incident is connected to the same data breach that affected OpenSea last month.

An employee at one of Celsius' vendors leaked a list of customer emails to a "third-party bad actor," according to the company.

The crypto lender said in an email Thursday that it was hit by the same Customer.io data breach that impacted OpenSea as well

Although Celsius doesn't think that its customers face "any high risks," it does see the data breach as a "severe violation of vendor-client relations" and has contacted the appropriate authorities, the company said.

Five other Customer.io customers were affected beyond OpenSea, according to an update from the company.

Customer.io initially said on June 30 that no Celsius data had been affected, Celsius’ email said. On July 8, however, the company warned that a list of Celsius customer emails had in fact been leaked, even though Celsius had removed all data held with Customer.io right after finding out about the incident.


Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

Customer.io also said that "no other Celsius client data was accessed or taken by the employee."

The employee in question was a senior engineer that has since been fired, Customer.io's update noted.

"We do not expect to learn any additional information since this incident resulted from the actions of a single employee, who had legitimate access to these email addresses as part of the employee’s job," it also said.

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.