Celsius also hit by Costumer.io email data breach
An employee at one of Celsius’ vendors leaked a list of customer emails to a «third-party bad actor,» according to the company.
The crypto lender said in an email Thursday that it was hit by the same Costumer.io data breach that impacted OpenSea as well.
Although Celsius doesn’t think that its customers face «any high risks,» it does see the data breach as a «severe violation of vendor-client relations» and has contacted the appropriate authorities, the company said.
Five other Costumer.io customers were affected beyond OpenSea, according to an update from the company.
Costumer.io initially said on June 30 that no Celsius data had been affected, Celsius’ email said. On July 8, however, the company warned that a list of Celsius customer emails had in fact been leaked, even though Celsius had removed all data held with Costumer.io right after finding out about the incident.
Costumer.io also said that «no other Celsius client data was accessed or taken by the employee.»
The employee in question was a senior engineer that has since been fired, Costumer.io’s update noted.
«We do not expect to learn any additional information since this incident resulted from the actions of a single employee, who had legitimate access to these email addresses as part of the employee’s job,» it also said.