OpenSea Warns Users Of Phishing Attacks From Data Breach

Are you a fan of NFTs?  If so, you’ve probably heard of OpenSea, which is the largest marketplace for non-fungible tokens.

If you have an account there, be aware that recently the company disclosed that their network had been breached and they issued a warning to their clients urging them to be on the lookout for possible phishing emails.

Cory Hardman is OpenSea’s head of security. According to Hardman, an employee of Customer.io, which is the company’s email delivery vendor, downloaded a file containing email addresses that belong to OpenSea users and newsletter subscribers. The precise number of email addresses the attacker made off with was not disclosed.

Mr. Hardman said:

“If you have shared your email with OpenSea in the past, you should assume you were impacted. We are working with Customer.io in their ongoing investigation, and we have reported this incident to law enforcement.”

This is not the first time OpenSea users have been targeted.  Last year, threat actors impersonating fake support staff successfully absconded with roughly two million dollars (USD) worth of NFTs. Last September (2021) the company addressed a security flaw that allowed attackers to empty an OpenSea user’s cryptocurrency wallets by luring them to click on maliciously crafted NFT artwork.

Although the industry is still in its formative stages, it has grown at a blistering pace. OpenSea is the largest marketplace in the NFT industry. They boast more than 600,000 users and total transactions that surpass $20 billion (USD) which make it a prime target for hackers.

Sadly, this will almost certainly not be the last time OpenSea and other NFT markets find themselves in the crosshairs.

If you have an account there, be on high alert.  Odds are good that the attacker will try to put your email address to malicious use.