Celsius Network recently published a large document (no longer available) containing all of its customers’ account balances. The move is part of an ongoing restructuring process following the company’s Chapter 11 bankruptcy filing from earlier in the year and unfortunately exposed all user transactions that happened within 90 days prior to when proceedings began on July 13th 2022.
The move is an interesting one because, on the one hand, it offers insight into each user’s financial situation, and, on the other, enables anyone to analyze transactions happening on-chain with great detail. Cybercriminals could use this leaked information to de-anonymize users by piecing together names, dates, and transaction histories.
User privacy has clearly been breached and anyone who uses Celsius Network is at risk. If you’re a present or previous Clesius customer, you could become a target for identity theft, blackmail, doxing and harassment.
Celsius Network Going Bankrupt
Celsius is one of the biggest players in the cryptocurrency lending business. The company offered its customers up to 18% yearly interest on their Bitcoin, Ethereum, and Tether, promising great rewards with low risk… and in July 2022 it officially filed for bankruptcy.
After taking great risks in the past year due to a declining demand of loans from institutional investors, the lender decided to block its users from making any transfers or withdrawals before filing for bankruptcy. Celsius Network stated in a press release:
To ensure a smooth transition into Chapter 11, Celsius has filed with the Court a series of customary motions to allow the Company to continue to operate in the normal course. These ‘first day’ motions include requests to pay employees and continue their benefits without disruption, for which the Company expects to receive Court approval. Celsius is not requesting authority to allow customer withdrawals at this time. Customer claims will be addressed through the Chapter 11 process.
Celsius continues to operate with the cash reserves it still has in an attempt to fund certain operations during the Chapter 11 reorganization process. Now, the question is, why would a large crypto lender reveal the private data of their customers?
Celsius Goes Public with Its Customer Data
The U.S bankruptcy code demands transparency during the Chapter 11 restructuring proceedings. This means companies have to open up to the public about their assets. The problem with Celsius is that it also controlled customer assets in the form of cryptocurrencies, so those had to fall under the transparency requirements.
Celsius filed a request to the court, asking to censor some of the private information of its customers. Because its users are from all over the world, the crypto lender was concerned about breaking the European Union’s GDPR and other digital protection laws with the release of this data. Celsius argued that all of its users would be exposed to cybercriminals that could use the personally identifiable data against them.
Customers are particularly concerned with the security and privacy of their personally identifiable information because such information could potentially result in a customer becoming the target of identity theft, blackmail, harassment, stalking, and doxing.
Also, Celsius requested to anonymize user information but the court ruled against the motion. The only data the company was allowed to hide was home addresses and email addresses, but even that information is still available to anyone who receives access to it from the court.
How to Prevent Doxxing and Protect Your Privacy
Doxxing is a type of online harassment that goes all the way back to the beginning of the internet. Cybercriminals can get your personal information from data breaches and use it for various actions like signing you up for spam or reporting your home address to the police as a threat. All they need is any personally identifiable information like the financial data that Celsius released.
Here are a few things you can do to prevent doxxing and protect your privacy:
- Change all of your online profiles and social media accounts to restrict the information you share. Consider even going as far as deleting Facebook and Twitter.
- Use unique and complex passwords to protect all your accounts. Once doxxers have your information they can attempt to get their hands on more valuable data.
- Pay special attention to unsolicited links and don’t click on them. Once a hacker knows your email address, they might send you links that download malware to your devices.
- Use CyberGhost VPN to hide your IP address and encrypt your traffic. We encrypt your connection and mask your IP address so doxxers can’t find out where you live and what you’re doing online.
- Use anonymous usernames for all of your accounts. If a doxxer knows who you are, they can figure out what accounts you have based on your private information. Limit the damage they can make by creating usernames the same way you create passwords. Don’t use your real name.
Finding out your private data has been exposed by a company you trusted is stressful. Doxxers can learn a lot about you from very little information and then they start to harass or impersonate you. Protect your data preemptively, and leverage powerful tools like CyberGhost VPN to hide your identity.