Celsius Security Notice — April 14–16, 2021

Check back for timely updates.

6 min readApr 14, 2021

Sunday, April 25, 2021

Reminder: Be aware of phishing sites and always make sure you are visiting the official celsius.network website and app. Do not click on links or browse websites you suspect to be fraudulent. Interacting with phishing sites could expose your device to malware.

Celsius will never ask you for confidential information such as passwords, private keys, seed phrases, or secret codes. You should store this information privately and securely and report any suspicious activity. More security tips →

For anyone that may have lost funds in the recent phishing attempts outlined below or would like to update their Celsius account email address, please reach out to our team directly by emailing app@celsius.network.

Saturday, April 24, 2021

Friday, April 16, 2021

1:00 PM EST

Alex addresses the latest security updates and answers your questions in today’s AMA.

11:30 AM EST

In response to recent events, some members of the Celsius community had the inspiring idea to start a compensation fund to assist those who may have lost their crypto assets. We’re happy to share that we have set up the Celsians Care Fund under the following addresses to accept contributions:

CEL: 0x54BD1BaeB7b860119253f5bB56250F8aFb2a22c4

BTC: 1KBdR5jQ9unrGxevHnFdFwphpu1nS7AD6E

ETH: 0x7DBe022DcDef584E68bb5D75EfBac4BD3f4a53b7

As we evaluate the broader impact on the Celsius community, we will determine how to appropriately match any community contributions that are donated to these wallets.

7:09 AM EST

Thursday, April 15, 2021

4:00 PM EST

An update from Celsius founder and CEO, Alex Mashinsky:

“I would like to reassure our community that Celsius remains fully secure and our own systems have not been breached in any way. Customer funds and sensitive data are safe within our back-end systems, and our security team has done an incredible job to identify the situation and very quickly notify the Celsius community with extreme urgency on the steps and precautions to be followed. This rapid response has helped minimize the impact to the Celsius community.”

Read the full update here →

10:30 AM EST

An update from Celsius founder and CEO, Alex Mashinsky:

Dear Celsians,

Nothing is more important to us than complete transparency with our community. That’s why I’m updating you with all of the details we currently have about a recent security incident that has affected some of our Celsius customers.

I’ll start with the most important news: all funds are safe. Our back-end systems remain fully secure and have not been breached. Customer funds and sensitive data are not affected nor connected to any front-facing or external communications platforms.

Our incredibly talented security team is working around the clock to investigate what happened. Below is a summary of what we know so far.

What happened:

On April 14, 2021, Celsius customers began reporting a fraudulent website claiming to be an official Celsius platform. We also became aware of some Celsius customers receiving SMS and email messages, that claimed to be official Celsius communication, linking to that website, and prompting recipients to enter sensitive information.

What we know:

An unauthorized party managed to gain access to a back-up third-party email distribution system which had connections to a partial customer email list. Once inside the system, this unauthorized party sent a fraudulent email announcement, of which we know some of the recipients to be Celsius customers.

The intent was to make the recipients believe the fraudulent email came from Celsius, that the fraudulent site was a true Celsius site, and to take ownership of recipients’ cryptocurrency assets from their personal (non-Celsius) wallet by prompting the user to provide the seed phrase to their personal wallet address.

**NEVER GIVE ANYONE YOUR SEED PHRASE OR PRIVATE KEY**

What we are still investigating:

Our team is actively working to understand how the unauthorized party managed to gain access to the third-party email distribution system and the source of the list used to send fraudulent communications via SMS.

We are checking with all of our third-party vendors and within other recent external/public data leaks to understand where this information came from and if third-party platforms have been vulnerable to any related incidents. We know that customers who had not registered an email or phone number with Celsius also received fraudulent messages to these contact details, thus we believe the data was collected from external data sources.

What this means for Celsius customers:

Our security team is currently working to identify and notify any Celsius customers who may have been affected by this event. If you received any of the fraudulent messages:

Report the message as spam
Do not click any links
Do not provide any personal or confidential information
Keep 2FA enforced on all your accounts
Update your account credentials regularly
Check if your information has been shared in any recent data leaks

Official communication, product updates and promotions are communicated through our verified channels. The only official email and website domain for Celsius is celsius.network.

As a reminder, Celsius will never ask you for your private keys, passwords, or PIN codes. Any communications or activity that you suspect did not originate from Celsius should be forwarded to our security team at app@celsius.network.

For Celsius security insights and general user security best practices, you can learn more on our website: https://celsius.network/security-insight/

What we are doing going forward to ensure this does not happen again:

We are conducting a full internal investigation to see if there was anything at all that could have been done to prevent this. We will raise the bar on what we require from third parties in terms of ISO and SOC certifications.

We will never stop searching for better and better ways to keep our customers secure. It is our single most important priority.

Our team is providing real-time updates on the Celsius blog and on Twitter, and I will provide another update for the entire community as soon as we have new information.

Once again, thank you for your patience and continued support.

Sincerely,

Alex Mashinsky
Founder and CEO, Celsius

7:17 AM EST

5:00 AM EST

Our team is continuing to investigate the source of a fraudulent email that some Celsius customers have recently received. We’re working to provide more updates as soon as possible.

Wednesday, April 14, 2021

Our team is investigating a fraudulent website claiming to be an official Celsius channel. We will continue to provide updates here as they become available. Be sure to follow @CelsiusNetwork and @CelSecurity on Twitter for additional real-time updates.

6:35 PM EST

Earlier today we were made aware of a fraudulent website claiming to be Celsius. We are also aware many Celsius users received SMS and email messages, claiming to be official Celsius communication, linking to that website, and prompting recipients to enter sensitive information.

Our back-end systems remain fully secure, and customer funds and confidential information are not affected or connected to any front-facing communications platforms.

We are checking with all of our third-party vendors and within recent third-party data leaks to understand where this information came from and if third-party platforms have been vulnerable to any related incidents.

3:48 PM EST

2:46 PM EST

Dear Celsians,

Earlier today, some of our community members reported a fraudulent site claiming to be an official Celsius channel. We want to confirm that Celsius is in no way connected to the fraudulent site, and anything associated with it is not legitimate.

Thank you to our incredibly vigilant community for flagging and reporting this to our team.

Your security is our top priority, and our team is actively investigating. We will continue to provide updates as available if needed. Be assured, all customer assets and sensitive information remain secure.