The world’s largest nonfungible tokens (NFT) marketplace OpenSea has issued a warning to customers after it was discovered that an employee of Customer.io, a platform for managing email newsletters and campaigns, leaked the list of OpenSea customers’ emails to an outside party.
It has been reported that the breach has affected all of the users who have given their email to the marketplace, whether it's for the platform or its newsletter. After the breach, OpenSea advised customers against potential phishing attempts. The NFT marketplace announced on Thursday that it has contacted law enforcement officials about the breach and that an investigation is in progress.
However, the most recent data breach is far from the first major assault on OpenSea and its users this year. In May, the popular NFT marketplace’s Discord server was hacked, leading to a deluge of phishing assaults. In the event, numerous user wallets were exploited.
The report said that in January, the platform was subjected to one of its most severe assaults yet, in which an exploit allowed attackers to sell NFTs without permission. The marketplace reimbursed $1.8 million in losses. In March, Hubspot, a comparable service to Customer.io, was hacked, exposing customers’ usernames, phone numbers, and emails on BlockFi, Swan Bitcoin, NYDIG, and Circle.
Thus, customers of these platforms had their names, phone numbers, and email addresses released to an unknown party. OpenSea warned that hackers may attempt to contact OpenSea customers through emails from domains that appear similar to OpenSea.io or OpenSea.xyz. Users on Twitter have reported an increase in spam emails, phone calls and text messages.