OpenSea, the most popular NFT marketplace in the world, has experienced a breach of user information. According to a blog post yesterday, an employee of Customer.io, a service provider for OpenSea, downloaded OpenSea’s email list, apparently to use or sell for illegal objectives.
OpenSea stated:
“… If you have shared your email with OpenSea in the past, you should assume you were impacted. We are working with Customer.io in their ongoing investigation, and we have reported this incident to law enforcement.”
OpenSea advised individuals to be leery of potential phishing attacks or nefarious ploys to leverage email addresses.
“Your trust and safety is a top priority. We wanted to share the information we have at this time, and let you know that we’ve reported the incident to law enforcement and are cooperating in their investigation,” stated OpenSea representative Cory Hardman.
This is not the first time OpenSea has been the target of bad actors. Last month, OpenSea said it was actively investigating illicit activity on their Discord channel. At the beginning of the year, it was reported that $1.7 million worth of NFTs were stolen. Obviously, the optics have not been very strong for OpenSea.
Paolo Ardoino, CTO of Bitfinex and Tether, distributed the following comment on the email theft:
“The warning from OpenSea that their customers’ email details may have been compromised demonstrates once again the importance of staying vigilant. Everyone must stay alert to the risks posed by scammers and take the necessary steps to protect their digital assets. These steps include opting for a two-factor authentication solution that ensures additional verification, being mindful of unsolicited messages, and always validating the authenticity of a platform. We must be mindful of the fact that incidents of bad actors seeking to breach the security systems of platforms will not abate. It is therefore imperative that we work together as an industry and remain in a perpetual state of vigilance to help guard against such security threats.”