NFT Marketplace OpenSea Suffers Data Breach With Users’ Email IDs Leaked

OpenSea, the largest non-fungible token (NFT) marketplace by trading volume, has suffered a data breach after an employee at the platform’s email delivery partner – Customer.io – leaked user data. In a blog post on Thursday, the marketplace said that an employee of Customer.io “misused their employee access to download and share email addresses – provided by OpenSea users and subscribers to our newsletter – with an unauthorised external party.” According to OpenSea, all customers who have shared their email with the platform in the past should assume they have been impacted by the breach.

In a blog post, OpenSea’s head of security Cory Hardman said that an employee of Customer.io, OpenSea’s email delivery vendor, abused their access by downloading and externally sharing customer data.

“If you have shared your email with OpenSea in the past, you should assume you were impacted,” he wrote. “We are working with Customer.io in their ongoing investigation, and we have reported this incident to law enforcement.”

The company further warned customers might face phishing attacks — attempts by cybercriminals posing as credible institutions with the aim to obtain sensitive information — by using a domain name similar to the official “opensea.io,” such as “opensea.org” or “opensae.io.”

Hardman also shared a set of safety recommendations that would help defend against phishing attempts advising them to be suspicious of any emails trying to impersonate OpenSea, not to download and open email attachments, and to check the URLs of pages linked in OpenSea emails.

Users are also urged never to share or confirm their passwords or secret wallet phrases and never to sign wallet transactions if prompted directly via email.

Some customers took to Twitter to share screenshots showing that OpenSea contacted them by email to inform them about the breach.

A similar incident occurred in March, when hackers breached third-party marketing vendor HubSpot to target large crypto stakeholders. NYDIG, Pantera Capital, BlockFi, Circle and Swan Bitcoin were among the affected companies.


For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.