NFT marketplace OpenSea confirms customer data leak

By Sofia Elizabella Wyciślik-Wilson
Published 2 years ago

Popular NFT marketplace OpenSea has started issuing emails to its users warning them of a leak of customer data.

OpenSea says that an employee of its email delivery vendor, Customer.io, abused their position to access and share email addresses with an unauthorized third party. The company has not given an indication of the number of users affected by the data breach, but has warned of an increased risk of phishing attacks. With the number of active users of OpenSea reported to be around 2 million -- and this does not include people who have just signed up for a newsletter -- the potential impact is huge.

See also:

The company says of the data leak: "We recently learned that an employee of Customer.io, our email delivery vendor, misused their employee access to download and share email addresses -- provided by OpenSea users and subscribers to our newsletter -- with an unauthorized external party. If you have shared your email with OpenSea in the past, you should assume you were impacted. We are working with Customer.io in their ongoing investigation, and we have reported this incident to law enforcement. Please stay vigilant about your email practices, and be alert for any attempt to impersonate OpenSea via email".

OpenSea gave details of the data leak in a thread on Twitter:

If we believe your email address was impacted, you'll receive an email from the domain 'https://t.co/3qvMZjxmDB.'

Please stay cautious. Malicious actors may use this information to impersonate OpenSea in email phishing attempts.

A few important email safety recommendations:
— OpenSea (@opensea) June 30, 2022

The company went on to provide advice for its customers, including information about how to spot legitimate OpenSea emails:

2) NEVER download anything from an OpenSea email.

3) Check the URL of any page linked in an OpenSea email. We will only include hyperlinks to ‘https://t.co/6DP9oUa4Rx.’ URLs.

4) NEVER share your seed phrase with anyone – we'll never ask for it.
— OpenSea (@opensea) June 30, 2022

https://t.co/6vM4WAcJal’s investigation is ongoing, and we’ve reported this incident to law enforcement.

Read more in our blog: https://t.co/Osb6qqkqZZ
— OpenSea (@opensea) June 30, 2022

The company adds:

Your trust and safety is a top priority. We wanted to share the information we have at this time, and let you know that we've reported the incident to law enforcement and are cooperating in their investigation.

More information is available on the OpenSea blog.

Image credit: rafapress / depositphotos

5 Comments

NFT marketplace OpenSea confirms customer data leak

5 Responses to NFT marketplace OpenSea confirms customer data leak

Recent Headlines

McAfee reports rise in AI scams and deepfake threats for holiday shoppers

Meet Daisy, the AI granny designed to waste scammers' time

TEAMGROUP announces T-CREATE EXPERT P32 desktop external SSD

Best Windows apps this week

How enterprises can maximize the value of automation [Q&A]

You can now easily download Windows 11 ISOs for Arm-based PCs

Google is making YouTube and other services delightfully free of political ads... in Europe

Most Commented Stories

What happens to Linux when Linus Torvalds dies?

Windows 10: Microsoft reveals how much you'll need to pay to keep receiving updates

Bring your Windows 10 and 11 desktops to life with the amazing (and free!) Sucrose -- download it now

The Guardian’s exit from Elon Musk’s X shows a lack of journalistic courage

Bluesky thinking -- why left-wingers are leaving X and why X will get over it

Unnecessary replacement of hardware leads to higher costs and growing waste problem

Tech leaders congratulate Donald Trump on 2024 election victory

Belkin launches Connect USB-C 11-in-1 Pro GaN Dock with 150W power