Popular NFT Marketplace OpenSea, announced a data breach. And the email addresses of the users are now vulnerable to external attack.
Why the Opensea Data Breach?
The Opensea marketplace stated that the platform was not the cause of the data breach.
The breach occurred because a worker at Customer I.O took advantage of the access to the email addresses of customers and disclosed the information to an external source.
According to the Opensea market, all the customers that have given their email addresses to the platform are vulnerable to attack. Consequently, they should therefore be careful against phishing attempts that may arise in the future.
Opensea sent a tweet to customers saying that the hackers may send emails with fake domain names. The domain names are mocks of the original opensea.IO such as opensae.IO or opensea.org.
The Opensea marketplace has contacted law enforcement agents to conduct further investigations on the issue.
Other Firms that Have Experienced Data Leaks
This is not the first time the details of the customers of a crypto firm have experienced a data leak . Although these companies pay close attention to the security of their firms.
Hubspot– a customer management software comparable to Customer I.O–incurred a data breach in March. In this case, the hackers obtained the details of customers such as first and last names, phone numbers, email addresses e.t.c.
Also, in March Ronin Bridge– a link used to make deposits and withdrawals in the Axie Infinity NFT game– was subject to an attack by hackers which led to the siphoning of over $625 million.
In May, Hackers attacked the Opensea Discord server, leading to the promotion of phishing events and exploitation of the users’ wallet
Malicious actors also attacked the NFT platform of Opensea in January. And the hackers deceived users into buying their NFTs below the market price.
Opensea had to refund $1.8 million to the customers that sold their NFTs without being aware that they were dealing with
fraudsters.
Final Thoughts
With the data breach on the Opensea platform, fraudsters can make use of the opportunity to send false emails and links to users. And this may result in the disclosure of sensitive information. For example, first names and last names, account details, and passwords e.t.c.
Opensea users should therefore take precautionary measures to avoid becoming victims of phishing attempts on the platform.