OpenSea NFT warned its users after getting hit with a data breach

July 1, 2022
OpenSea NFT Cryptocurrency Phishing Warning Data Breach Fraud Prevention

One of the largest NFT marketplaces, OpenSea, announced suffering from a data breach and warned its users against cyberattacks like phishing since threat actors could use the stolen data for carrying out malicious activities.

With over 600,000 active users, the NFT marketplace boasts over $20 billion in transaction volume since its emergence.

Based on the initial investigation of the incident, OpenSea’s email delivery vendor, Customer.io, had an employee that downloaded data containing the email addresses of OpenSea users and their newsletter subscribers. Thus, OpenSea NFT users who have shared their email addresses with the platform are warned about receiving phishing emails in the future since their information was included in the compromise.

 

OpenSea NFT, alongside Customer.io, had begun the investigations on the data breach incident and added that they have also reported to authorities for further assistance.

 

Attackers could use any form of phishing tactics against the compromised email addresses of the users. However, OpenSea NFT stressed that users must be warier of emails spoofing OpenSea’s official email domains, including opensea[.]org, opensea[.]xyz, and opensea[.]io.

The cybersecurity researchers investigating the data breach incident on OpenSea NFT shared some recommendations for the affected users to ensure protection from potential attacks.

According to them, users must stay suspicious of any email messages from OpenSea and speculate whether the email is legitimate or from unknown sources that impersonate the NFT platform. Also, users must not download and open attachments inside suspicious emails since those could include malware. Additionally, the users must always remember to verify the URLs of pages linked in emails from OpenSea to avoid being redirected to phishing sites. Sharing or confirming their account passwords or secret wallet phrases to anyone is also strongly discouraged.

Currently, the NFT platform said that they cooperated with law enforcement in their investigation and asked their users to be extra cautious in the meantime.

OpenSea NFT had previously been targeted by threat actors, such as those that imitate their customer service staff to victimise users. Phishing actors had also previously managed to steal crypto assets from the platform’s users because of an unpatched bug.

About the author

Leave a Reply