Celsius says user data compromised in email leak

For the 300,000 Celsius users with funds frozen in their accounts — some of which could be permanently inaccessible — a new update from the ailing crypto exchange won’t inspire much confidence. This week, the company notified a portion of its user base about a data breach that has led to “a list of Celsius client email addresses,” being “transferred to a third-party.” Yikes.

Customer.io, an email marketing platform, had noted in a blog post that a rogue employee leaked client email addresses to what is described as a “third-party bad actor.” The platform was a vendor for Celsius and some of the latter’s user emails were part of this data breach.

Celsius claims that it became aware of the situation on July 8, which would have been about a couple weeks removed from its transaction freeze. The company notes that it does not consider the leak to “present any high risks,” but then again this is the same platform that touted its “strong liquidity framework,” four days before blocking user withdrawals.

Alex Mashinsky, founder and CEO of Celsius.SOPA Images/LightRocket/Getty Images

What does this mean? — The breach is just another unfortunate step towards the abyss for a platform that has managed to shatter any kind of credibility. It’s probably worth pointing out that the cause of the leak was due to the actions of a single employee at another company, but still, the Celsius story continues to spiral into tragedy.

Those who received this notice should be more attuned to any potential scam email requests or messages. At least one user in Reddit’s Celsius subreddit has pointed out a dubious message they received in light of the email leak coming to light.

As far as the millions of frozen funds that are still being stowed away while Celsius undergoes bankruptcy proceedings: users will simply have to buckle in and wait to see how the situation unfolds.