OpenSea, the largest non-fungible token (NFT) marketplace in the world, recently sent a warning to its users after the platform discovered that an employee of Customer.io, a platform where the email newsletters and promotions are shared with users, had leaked the list of OpenSea users. to a third party.
The NFT marketplace announced on Thursday that they have approached the police about this situation and that the investigation is in full swing.
Effect of the OpenSea data breach
Anyone who left their email address with the marketplace could potentially feel the effects of this leak. This can be for receiving the newsletter as well as for an account on the platform. Opensea has therefore also warned users about possible phishing attempts by third parties.
OpenSea has indicated here that scammers may be able to contact OpenSea users through emails from domain names very similar to OpenSea.io or OpenSea.xyz. Users have indicated on Twitter that they have already noticed that they receive a number of spam emails, phone calls or text messages.
Multiple attacks
However, this data breach is not the first time that something went seriously wrong at the NFT marketplace this year. In May we already saw that the Discord server was hacked, which also caused many phishing attacks on members.
Before that, in March, we saw that Hubspot, a service similar to Customer.io, was hacked, causing the usernames, phone numbers and email addresses of users of BlockFI, Swan Bitcoin, NYDIG and Circle to be made public by an unknown party.
At the beginning of this year, we saw that OpenSea was the victim of another extreme attack. This attack allowed the hackers to sell NFTs without permission. The marketplace eventually reimbursed $1.8 million in stolen goods.