OpenSea user’s data has been leaked after its email delivery vendor Customer.io suffered a data breach caused by an employee.
According to a blog post shared by OpenSea on Wednesday, June 29, it appears that an employee from Opensea’s email delivery vendor Customer.io “misused their employee access to download and share email addresses – provided by OpenSea users and subscribers” to their newsletter, “with an unauthorized external party.”
Someone from Twitter with the name TheAscendant3 tweeted about this incident and said: “My info was breached thanks to OpenSea and Customer.io. I was wondering why I had so many spammy texts, phone calls, and emails lately.”
Apparently, the Customer.io employee might have been selling OpenSea users’ email addresses and that alone has now put users at risk of email phishing – according to OpenSea. In the essence of this, OpenSea has now said they are “working with Customer.io in their ongoing investigation” and they have “reported this incident to law enforcement.”
OpeanSea Give Users Heads Up Of Email Phishing
With this data breach, OpenSea has now warned customers to “stay vigilant” about their “email practices, and be alert for any attempt to impersonate OpenSea via email.”
OpenSea also warned customers that since “the data compromise included email addresses, there may be a heightened likelihood for email phishing attempts.” OpenSea, in the blog post also gave customers some email safe practices recommendations – things they should do, and things they should not do.
Customer.io Data Breach Not The First Data Breach For OpenSea
The data breach of Customer.io is not the first data breach OpenSea has encountered this year. Last month in May, OpenSea suffered a discord server hack in which a link to a phishing site allegedly partnering with YouTube was posted on the server.
The hacker aimed to drain users’ wallets by making them click a link that was disguised as a limited mint pass to mint their project.
Another hack OpenSea experienced was In January, the NFT marketplace encountered an exploit that allowed hackers to sell NFTs without the owners’ permission. Although the NFT marketplace eventually paid back nearly $1.8 million to its customers, but the all-around effect of the attack was undefined.
Despite the hacks OpenSea has been encountering, this platform is still considered the largest NFT marketplace by daily volume.
Crypto-Related Scams & Hacks Increasing
Just weeks ago, there was another high-profile crypto hack that caused the loss of about $100 million stolen from the DeFi protocol Harmony. A report has stated that this hack was executed by the notorious North Korean hacking group Lazarus.
This same group is also the one behind a lot of other crypto-related hacks, including the Axie Infinity hack that happened back in March, this hack caused the loss of over $600 million worth of tokens. Till date, the hack is still seen as one of the largest crypto-linked hacks in history.
According to blockchain analytics in a recent report, the firm Elliptic suggests that the North Korean hacking group Lazarus, has stolen over $2 billion in total.