OpenSea’s users’ emails leaked in a recent data breach
The popular NFT marketplace issued an announcement on Wednesday, warning its users of a recent data breach. One of the staff at Customer.io, OpenSea's email delivery vendor, apparently leaked the marketplace's users' and subscribers' email addresses to an external party.
As a result, anyone who has shared their email with OpenSea is at risk of potential phishing attempts.
The platform has already recommended tips for how its users can protect themselves from malicious attacks. For instance, users should always confirm that the domain name of the email is spelt correctly, as in "opensea.io," to avoid OpenSea impersonators. It also advised users not to download anything from emails as it will never send downloadable attachments with its emails.
On Twitter, several OpenSea users have complained of an increase in spam texts, calls and emails.
According to its announcement, OpenSea is currently working with Customer.io and law enforcement to investigate the situation.
This year alone, the world's largest NFT marketplace has suffered multiple security attacks putting its users at risk. In January, a bug allowed attackers to sell other users' NFTs without permission. In May, the OpenSea discord was hacked, leading to several wallet addresses falling victim to phishing attacks. Also, in June, one of the company's employees was arrested for insider trading.