According to PANews, Celsius has informed the court about a data security incident reported by its claim agent, Stretto. The court documents shared by Celsius reveal that on April 17, 2024, Stretto discovered unauthorized access to certain creditor data it held for Celsius following a phishing attack. Stretto terminated all unauthorized access to the affected accounts on the same day.
Stretto has engaged an independent computer forensics firm to investigate the severity of the data security incident. The investigation is ongoing, but so far, Stretto has confirmed that the accessed information includes creditor names, email addresses, mailing addresses, and claim amounts. In addition, less than 40 creditors had provided their tax identification numbers to Stretto, and this information was also accessed.
According to the current investigation, the data security incident does not appear to have affected the systems related to Stretto's planned distributions or the data provided by Celsius to Stretto in the bankruptcy proceedings. Stretto's independent investigation is still ongoing and will provide further updates based on the actual situation.
In a statement released by Celsius debtors regarding the data security incident, they said, 'Given Stretto's role in the distribution process under this plan, the debtors have temporarily stopped distributing to creditors out of caution after the plan took effect. We hope to confirm the main investigation results next week to immediately resume distribution work under this plan in a safe and reliable situation. For affected creditors, Stretto advises them to closely monitor their accounts and transaction situations. If any abnormalities or suspicious activities are found, please contact Stretto or the relevant law enforcement agencies immediately.'
