OpenSea experiences email data breach, warns users of phishing scams OpenSea experiences email data breach, warns users of phishing scams
OpenSea suffered a massive data breach after an employee of its email vendor downloaded and shared email addresses of its users.
1 min read
Updated: Jun. 30, 2022 at 1:37 pm UTC
Cover art/illustration via CryptoSlate. Image includes combined content which may include AI-generated content.
OpenSea, the world’s largest NFT marketplace, suffered an email data breach that would affect the majority of its customers.
An employee of Customer.io, an email vendor contracted by OpenSea, reportedly misused their access to download and share email addresses with an unauthorized external party. The company said that the email addresses users and newsletter subscribers provided to OpenSea were impacted.
“If you have shared your email with OpenSea in the past, you should assume you were impacted,” the company said.
OpenSea noted that the data breach could lead to email phishing attempts, warning users to beware of any emails they receive that don’t come from OpenSea’s official domain.
1) We will ONLY send you emails from the domain ‘https://t.co/3qvMZjxmDB.’ Be aware of attempts to impersonate OpenSea through slight variations of our domain name, like below: pic.twitter.com/2tvgC6g3kD
— OpenSea (@opensea) June 30, 2022
Customer.io has already launched an investigation into the matter and the incident has been reported to law enforcement, the company said. Users have already begun reporting an uptick in phishing emails from fake OpenSea domains.
This isn’t the first time OpenSea users were targeted by phishing scams. In February this year, close to $2 million worth of NFTs were stolen in an elaborate phishing attack that affected 32 users. The attack caused activities on OpenSea to drop significantly, with the platform losing over a third of its trading volume and a fifth of its users.
Marketing tools such as email newsletter platforms and customer relationship management (CRM) software continue to be a weak link in the security of many crypto and blockchain platforms. In March, a data breach at HubSpot, one of the most popular marketing campaign platforms, affected over two dozen large crypto companies.
BlockFi, Circle, Swan Bitcoin, Pantera Capital, and NYDIG all reported that a portion of its users’ information was leaked to hackers. And while the companies said that none of its operations or treasuries were affected, users reported a significant increase in phishing emails.
Mentioned in this article
Author 
Andjela Radmilac
Armed with a classical education and an eye for news, Andjela dove head deep into the crypto industry in 2018 after spending years covering politics.
Latest Press Releases
In this article
OpenSea
OpenSea is a decentralized peer-to-peer marketplace for buying, selling, and trading NFTs.
