NFT marketplace OpenSea confirms customer data leak
Popular NFT marketplace OpenSea has started issuing emails to its users warning them of a leak of customer data.
OpenSea says that an employee of its email delivery vendor, Customer.io, abused their position to access and share email addresses with an unauthorized third party. The company has not given an indication of the number of users affected by the data breach, but has warned of an increased risk of phishing attacks. With the number of active users of OpenSea reported to be around 2 million -- and this does not include people who have just signed up for a newsletter -- the potential impact is huge.
- Microsoft performs Known Issue Rollback after Windows update breaks Edge
- Tech companies say they will help employees with travel expenses for abortions following the overturning of Roe v Wade
- Microsoft releases preview of KB5014666 update which fixes Wi-Fi bug and adds printing features
The company says of the data leak: "We recently learned that an employee of Customer.io, our email delivery vendor, misused their employee access to download and share email addresses -- provided by OpenSea users and subscribers to our newsletter -- with an unauthorized external party. If you have shared your email with OpenSea in the past, you should assume you were impacted. We are working with Customer.io in their ongoing investigation, and we have reported this incident to law enforcement. Please stay vigilant about your email practices, and be alert for any attempt to impersonate OpenSea via email".
OpenSea gave details of the data leak in a thread on Twitter:
The company went on to provide advice for its customers, including information about how to spot legitimate OpenSea emails:
The company adds:
Your trust and safety is a top priority. We wanted to share the information we have at this time, and let you know that we've reported the incident to law enforcement and are cooperating in their investigation.
More information is available on the OpenSea blog.