OpenSea, the largest NFT marketplace by daily volumes, cited a data breach caused by email provider Customer.io. Marketplace reported that a Customer.io employee downloaded customer email addresses. He then shared that he was abusing their access by sharing it with an external party. Here are the details…
Emails of Opensea users transferred to unknown party
An employee at Customer.io, the email provider of NFT marketplace Opensea, misused Opensea customers’ mail. It is estimated that any customer who shares their email with the marketplace for the platform or newsletter is likely to be affected by the breach. OpenSea warned of potential phishing attempts after the breach. The NFT marketplace stated in a blog post that it is currently in contact with law enforcement regarding the breach. He said an investigation is ongoing.
In March, Hubspot, a service comparable to Customer.io, was hacked. It exposed customers’ usernames, phone numbers, and emails on BlockFi, Swan Bitcoin, NYDIG, and Circle. The names, phone numbers and email addresses of the customers of these platforms were given to an unknown party. OpenSea warned that hackers could attempt to contact OpenSea customers via emails from domains similar to OpenSea.io or OpenSea.xyz.
Multiple hacks occurred on the NFT marketplace Opensea
The latest data breach isn’t the first major attack on OpenSea and its customers this year. As Cryptokoin.com reported, in May, the Discord server of the popular NFT marketplace was compromised. The server was flooded with phishing attacks. Several user wallets were emptied in the attack. In January, the platform saw one of its worst hacks ever. It allowed hackers to sell their NFTs without their owners’ consent.
The market reimbursed its customers about $1.8 million. At this time, the overall impact of the attack was unclear. The latest data breach for OpenSea occurred despite the platform’s recent tightening of security measures to prevent fraud.
Crypto-related scams on the rise
The OpenSea breach comes less than a week after another major crypto hack that stole nearly $100 million from DeFi protocol Harmony. It is said that this attack was probably carried out by the notorious North Korean hacking group Lazarus. The group appears to be behind many other crypto-related attacks. Especially the Axie Infinity hack, which stole over $600 million in tokens in April. The attack will be one of the largest crypto-related attacks ever. A recent report from blockchain analytics firm Elliptic shows that the group has stolen over $2 billion in total.
23671
