The largest NFT marketplace, OpenSea, reported a data breach

By: Michael Korgs | 01.07.2022, 11:41

OpenSea, an NFT platform, announced today that it has been hacked again, this time by one of its suppliers. According to the firm, an employee of Customer.io, OpenSea's email delivery vendor, allegedly downloaded stored email addresses connected with OpenSea accounts and newsletter subscriptions and shared them with an unknown third party. According to the company's head of security, Cory Hardman, at least a portion of the millions of compromised email addresses were those used for OpenSea accounts or collected through its newsletter subscriptions. It does not appear that any passwords or other personal information were stolen at this time.

Customer.io is investigating the matter for the company. “Please be vigilant about your email practices and on the lookout for any attempt to impersonate OpenSea via email,” Hardman wrote in his statement. No further damage has been reported, unlike the phishing attack on OpenSea in February, which resulted in hundreds of NFTs being stolen. The number of individuals affected by the breach is nevertheless substantial. According to data from Dune Analytics, 1.8 million users have used OpenSea on the Ethereum network to make purchases.

The firm recently sent notices to OpenSea users it believed were affected, advising them to be on the lookout for phishing emails and other scams. Beyond basic guidance such as not downloading attachments or clicking links in an OpenSea email, users were also advised not to sign wallet transactions directly from an email and not to share or confirm secret wallet phrases.

The identity of the third party to whom the leaked email addresses were given has not been disclosed. Customer.io stated that the employee who perpetrated the breach had “role-specific” access to OpenSea data, which they abused. “We do not believe any other clients' data has been compromised, but we are continuing our investigation. The individual in question has had all access revoked and is being investigated pending the completion of our inquiry.”