Emails Stolen in OpenSea Data Breach
On Wednesday, June 28, OpenSea flagged a data breach through its email vendor Customer.io. The NFT marketplace reported that “email addresses provided to OpenSea by users or newsletter subscribers were impacted.”
According to OpenSea, a staff member at Customer.io, an email vendor contracted by OpenSea, misused their employee access to download and share the email addresses of OpenSea’s users and newsletter subscribers.
OpenSea Warns About Possible Phishing Attacks
With OpenSea unsure of the scale of the data breach, they have warned people who had shared their email addresses with OpenSea in the past to assume that they were impacted.
OpenSea adds that the impacted email address could receive emails from the domain ‘opensea.io.’ OpenSea warns that mail from this domain is from malicious actors who may use this information to impersonate OpenSea in email phishing attempts.
On the Flipside
Why You Should Care
OpenSea will only send emails from the domain “http://opensea.io.” As such, users should delete emails from opensea.io, opensea.org, and opensea.xyz, among others.
Read about other recent OpenSea breaches below:
Former OpenSea product manager charged with NFT insider trading
On the upside, OpenSea has made the following updates:
OpenSea launches on Seaport to improve NFT trading quality
Continue reading on DailyCoin
Source: Cryptocurrency - investing.com
