OpenSea data breach causes massive leak of users’ email addresses

Published at: June 30, 2022

OpenSea, the world’s largest nonfungible tokens (NFT) marketplace, has issued a warning to customers after it was discovered that an employee of Customer.io, a platform for managing email newsletters and campaigns, leaked the list of OpenSea customers’ emails to an outside party.

The breach has affected all of the users who have given their email to the marketplace, whether it's for the platform or its newsletter. Following the breach, OpenSea advised customers against potential phishing attempts.

The NFT marketplace announced on Thursday that it has contacted law enforcement officials about the breach and that an investigation is in progress.

An employee of our email vendor, https://t.co/6vM4WAcJal, misused their employee access to download & share email addresses with an unauthorized external party. Email addresses provided to OpenSea by users or newsletter subscribers were impacted.https://t.co/Osb6qqkqZZ

— OpenSea (@opensea) June 30, 2022

The most recent data breach is far from the first major assault on OpenSea and its users this year. In May, the popular NFT marketplace’s Discord server was hacked, leading to a deluge of phishing assaults. In the event, numerous user wallets were exploited. In January, the platform was subjected to one of its most severe assaults yet, in which an exploit allowed attackers to sell NFTs without permission. The marketplace reimbursed $1.8 million in losses.

My info was breached thanks to OpenSea and Customer io Lord Jeebus help me. I was wondering why I had so many spammy texts, phone calls, and emails lately.

— Metzilmazatl (Moon Deer)️‍ (@TheAscendant3) June 30, 2022

In March, Hubspot, a comparable service to Customer.io, was hacked, exposing customers’ usernames, phone numbers and emails on BlockFi, Swan Bitcoin, NYDIG and Circle. Customers of these platforms had their names, phone numbers and email addresses released to an unknown party.

Related: OpenSea Discord server hacked, users warned to be vigilant of phishing scams

OpenSea warned that hackers may attempt to contact OpenSea customers through emails from domains that appear similar to OpenSea.io or OpenSea.xyz. Users on Twitter have reported an increase in spam emails, phone calls and text messages.

Tags
Blockchain
Nft
Regulation
Law
Security
Data
Related Posts
'It would be absurd' for a US court to rule private NFTs as securities: Lawyer
Blockchain Association’s chief legal officer says “it would be absurd” for a United States court to rule that digital assets on private blockchains are securities, following a federal judge's decision to allow a lawsuit against Dapper Labs's NBA Top Shots NFTs to play out. U.S. attorney Jake Chervinsky made the comment after federal judge Victor Marreo denied a motion to dismiss a 2021 lawsuit that accused Dapper Labs of selling nonfungible tokens (NFTs) as unregistered securities. Chervinsky was among a host of lawyers on Twitter to reiterate that the judge’s denial of the motion does not mean a ruling has …
Adoption / Feb. 23, 2023
Texas chases after Wyoming with crypto law proposal, but challenges remain
Everything is bigger in Texas, but when it comes to crypto-friendly legislation, this doesn’t seem to be the case… just yet. On March 12, 2021, Texas Representative Tan Parker introduced the Uniform Commercial Code, also known as UCC, amendment bill (House Bill 4474) to better adapt commercial law to blockchain innovation and digital asset regulations. Specifically speaking, the Texas UCC amendment bill aims to recognize virtual currencies under commercial law. Lee Bratcher, president of the Texas Blockchain Council — an organization recently established as a trade association intended to make Texas a leader in national blockchain growth — told Cointelegraph …
Blockchain / March 25, 2021
Crypto at the Olympics: NFT skis, Bitcoin bobsledders and CBDC controversy
The 2022 Winter Olympics, officially called the XXIV Olympic Winter Games, kicked off on Feb. 4 in Beijing with crypto being a major part of the event, partly because of the Chinese government’s digital currency ambitions. The cryptocurrency community hasn’t had strong ties to the Olympics over the last few years. The last major headline-grabbing interaction was when the Dogecoin (DOGE) community helped fund the Jamaican bobsled team in 2014 so they could attend the event in Sochi. The 2022 Winter Olympics, however, are making history due to the presence of nonfungible tokens (NFTs), Bitcoin- (BTC)-supported athletes, the launch of …
Decentralization / Feb. 15, 2022
Prosecutors want to claim NFTs as securities, alleges legal team of former OpenSea employee
Lawyers representing Nathaniel Chastain, the former OpenSea product manager accused of insider trading, have claimed United States authorities only filed charges in an attempt to set legal precedent that nonfungible tokens are securities. In a Friday filing with the Southern District of New York court, Chastain’s legal team from Greenberg Traurig filed a motion to dismiss the indictment against him, which included allegations of wire fraud and money laundering related to an NFT insider trading scheme from June to September 2021. The lawyers argued that the charges against the former OpenSea employee were invalid in part “because the NFTs at …
Nft / Aug. 22, 2022
Emojis count as financial advice and have legal consequences, judge rules
A judge from the United States District Court of the Southern District of New York ruled that emojis like the rocket ship, stock chart and money bags mean "a financial return on investment," according to a recent court filing. In a tweet, former United States Securities and Exchange Commission (SEC) branch chief Lisa Braganca warned users of the potential legal consequence of their use of such emojis that may indicate future gains. She tweeted: A federal court judge ruled that these emojis objectively mean "one thing: a financial return on investment." Users of these emojis are hereby warned of the …
Nft / Feb. 24, 2023