{"id":478957,"date":"2022-07-29T06:45:07","date_gmt":"2022-07-29T03:45:07","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/phishing-risks-escalate-as-celsius-confirms-client-emails-leaked\/"},"modified":"2022-07-29T06:45:07","modified_gmt":"2022-07-29T03:45:07","slug":"phishing-risks-escalate-as-celsius-confirms-client-emails-leaked","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/phishing-risks-escalate-as-celsius-confirms-client-emails-leaked\/","title":{"rendered":"# Phishing risks escalate as Celsius confirms client emails leaked"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a36e786af5ad\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a36e786af5ad\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/phishing-risks-escalate-as-celsius-confirms-client-emails-leaked\/#%E2%80%9D_Phishing_risks_escalate_as_Celsius_confirms_client_emails_leaked_%E2%80%9C\" >&#8221; Phishing risks escalate as Celsius confirms client emails leaked &#8220;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_Phishing_risks_escalate_as_Celsius_confirms_client_emails_leaked_%E2%80%9C\"><\/span>&#8221; Phishing risks escalate as Celsius confirms client emails leaked &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<div class=\"post-content\" data-v-28d77a7a>Celsius depositors should be on the lookout for phishing scams after the company revealed some of its customer data has been leaked in a third-party data breach.\u00a0<\/p>\n<p>On July 26, Celsius sent an email to its customers informing them that a list of their emails had been leaked by an employee of one of its business data management and messaging vendors. <\/p>\n<p>According to Celsius, the breach came from an engineer at the Customer.io messaging platform who leaked the data to a third-party bad actor.<\/p>\n<p>\u201cWe were recently informed by our vendor Customer.io that one of their employees accessed a list of Celsius client email addresses,\u201d said Celsius in its email to customers. The data breach is part of the same incursion that leaked OpenSea customer email addresses in June.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Announcement from Celsius: \u201cWe are writing to let you know that we<br \/>were recently informed by our vendor<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/452EROQtbc\">https:\/\/t.co\/452EROQtbc<\/a> that one of their employees<br \/>accessed a list of Celsius client email<br \/>addresses held on their platform and<br \/>transferred those to a third-party.\u201d<\/p>\n<p>\u2014 Celsians (@CelsiansNetwork) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/CelsiansNetwork\/status\/1552737193407533057?ref_src=twsrc%5Etfw\">July 28, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\nCelsius has however played down the incident stating that it did not \u201cpresent any high risks to our clients,\u201d adding that they just wanted users to \u201cbe aware.\u201d<\/p>\n<p>On July 7, Customer.io wrote in a blog<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/customer.io\/blog\/update-to-compromised-email-addresses-incident\/\"> post<\/a> that \u201cWe know this was a result of the deliberate actions of a senior engineer who had an <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>ropriate level of access to perform their duties and provided these email addresses to the bad actor.\u201d The employee has since been terminated.<\/p>\n<p>The number of emails leaked was not disclosed, nor was the platform to which they were leaked.<\/p>\n<p>However, the crypto community has started to warn Celsius users of phishing attacks which usually follow an email data breach.<\/p>\n<p>Phishing is a form of <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">social<\/a> engineering in which targeted emails are sent to lure victims into revealing more personal data or clicking links to malicious websites that installs malware to steal or mine crypto.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">\u26a0\ufe0f Celsius users should expect phishing emails along the lines of &#8220;Verify your wallet to withdraw your funds&#8221; that will phish for your SRP\/PKey due to this<\/p>\n<p>Remember, your SRP should only be known to you and you only <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/QYuDhEE7aL\">https:\/\/t.co\/QYuDhEE7aL<\/a><\/p>\n<p>\u2014 harry.eth  (whg.eth) (@sniko_) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/sniko_\/status\/1552801184288804869?ref_src=twsrc%5Etfw\">July 28, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>A similar data breach in April 2021, saw Celsius customers reportedly targeted by a fraudulent website claiming to be the official Celsius platform. Some received SMS and emails prompting them to reveal personal information and seed phrases.<\/p>\n<p>At the time, the company<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/blog.celsius.network\/celsius-security-notice-april-2021-154a587f7ca3\"> reported<\/a> that hackers had gained access to a third-party email distribution system it uses. <\/p>\n<p><strong><em>Related:<\/em><\/strong><strong><em> <\/em><\/strong><strong><em>Email server breach sees Celsians targeted by phishing attacks<\/em><\/strong><\/p>\n<p>Perhaps the most famous crypto data breach was from hardware wallet provider Ledger, which had its servers hacked in 2020. The spewing of thousands of customers\u2019 personal details on the internet resulted in untold losses and even physical threats for many victims, yet the company has refused to compensate them. <\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/s3.cointelegraph.com\/uploads\/2022-07\/dd04db46-af1d-4ee3-8152-841065abb513.jpg\" alt=\"\" title=\"\"><figcaption style=\"text-align: center;\">Celsius email to customers on July 26.<\/figcaption><\/figure>\n<p><template data-name=\"subscription_form\" data-type=\"law_decoded\"><\/template><\/p>\n<\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/phishing-risks-escalate-as-celsius-confirms-client-emails-leaked\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; Phishing risks escalate as Celsius confirms client emails leaked &#8220; Celsius depositors should be on the lookout for phishing scams after the company revealed some of its customer data has been leaked in a third-party data breach.\u00a0 On July 26, Celsius sent an email to its customers informing them that a list of their&#8230;<\/p>\n","protected":false},"author":1,"featured_media":478958,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDcvZWNhZmFmYzEtNTQ4NS00NDM3LWE4ODYtNTIxZGJkM2VkMjBhLmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74882,117,74714,75134],"class_list":["post-478957","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-hacks","tag-business","tag-email","tag-phishing"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/478957","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=478957"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/478957\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/478958"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=478957"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=478957"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=478957"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}