According to PANews, Celsius said on the X platform that it had sent a notice to the court regarding the data security incident reported by its claims agent Stretto. On April 17, 2024, Stretto discovered that some of the Celsius creditor data it held was accessed by unauthorized users after a phishing attack. Stretto has hired an independent computer forensics company to conduct an investigation to determine the severity of the data security incident. The accessed information included creditor names, email addresses, mailing addresses and claim amounts, as well as tax identification numbers of less than 40 creditors.
According to the current investigation, the data security incident did not affect Stretto's systems related to the planned distribution or the data provided by Celsius to Stretto in the bankruptcy proceedings. Celsius' debtor issued a statement on the data security incident stating that it has temporarily stopped distribution to creditors and hopes to confirm the main investigation results next week so that the distribution work under the plan can be resumed as soon as it is safe and reliable.