
NFT marketplace OpenSea data breach could expose customers to phishing attacks


Triggered by an employee from an external vendor who shared email addresses with an unauthorized party, the breach could lead to phishing attempts against affected individuals.


NFT giant OpenSea is warning of a data breach that exposed the email addresses of users and subscribers to the company’s newsletter. In an announcement published on Wednesday, OpenSea revealed that anyone who has shared their email address with the company in the past should assume they were affected.

The breach was caused by an employee at Customer.io, the email service provider for OpenSea. As described in the announcement, the unnamed employee appears to have abused their access to download and share the email addresses of OpenSea users and newsletter subscribers with an unauthorized party. OpenSea said it is working with Customer.io to investigate the incident and has also reported the incident to law enforcement.

At a recent valuation of $13.3 billion, OpenSea is the largest market for trading NFTs, or non-fungible tokens. Purchased with cryptocurrency, NFTs are digital items linked back to a blockchain to record ownership and other details. As the newest commodity in today’s cyber world, NFTs are unique and tradable and have attracted the interest of many collectors. However, some feel that NFTs are highly speculative and unlikely to be considered a long-term investment.


OpenSea did not disclose how many people or email addresses were compromised in the breach, but the number could be close to 2 million. Data collected by crypto analytics website Dune Analytics points to just over 1.8 million users who have made at least one purchase on OpenSea using the Ethereum network.

Why did the OpenSea breach happen?

No motive has yet been revealed for why the Customer.io employee shared the email addresses externally, but some experts don’t consider the incident to be random.

“Given that the individual has sole access to the OpenSea account at Customer.io, it makes sense that this large collection of emails is likely, first, disallowed and, second, possibly an act of malicious intent by that individual,” said Karl Steinkamp, director of security consulting firm Coalfire. “As this case unfolds, it will be interesting to see if the person is paid or extorted by an outside party for this particular access as a vector to scam and steal NFTs from individuals.”

Stephen Banda, senior manager of security solutions at security provider Lookout, agrees with Steinkamp’s summary.

“When it comes to the data breach at OpenSea, it seems to me to be financially motivated,” Banda said. “There is a lucrative market for stolen credentials and credentials. In this case, the 2 million customer email addresses in the world’s largest NFT marketplace will be very attractive to bad actors looking to launch large-scale phishing attacks.”

What to do if you are affected

With email addresses compromised, those affected should be prepared for an increase in phishing attempts. OpenSea also shared the following tips for those affected by the breach:

Watch out for phishing emails from addresses trying to impersonate OpenSea.

Only emails sent from opensea.io are legitimate. Be wary of emails that use variations of that name.

Never download any attachments from OpenSea emails

Legit OpenSea emails have no attachments or download requests.

Check the URL of any linked page in an OpenSea email

Links in legitimate OpenSea emails will point to email.opensea.io. Carefully review any links to ensure that opensea.io is spelled correctly.

Do not share passwords or secret wallet phrases

OpenSea will not ask you to share or confirm this type of sensitive information.

Do not sign wallet transactions directly from email

OpenSea emails do not contain direct links asking you to sign a wallet transaction. Avoid signing any transaction that does not list https://opensea.io as the source, especially if you reached it via email.
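The sender, attachment and link checks above can be applied mechanically to a raw message. The following Python script is an added example, not code from OpenSea or the original article; only opensea.io and email.opensea.io come from the guidance, and the sample message and its example.net and login.example hosts are constructed.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

SENDER_DOMAIN = "opensea.io"    # sender domain named in the guidance
LINK_HOST = "email.opensea.io"  # link host named in the guidance

def sender_ok(from_header):
    """True only when the address domain is exactly opensea.io."""
    _, addr = parseaddr(from_header)
    return addr.rpartition("@")[2].lower() == SENDER_DOMAIN

def link_ok(url):
    """Compare the parsed hostname; a substring match is not enough."""
    return (urlsplit(url.strip()).hostname or "") == LINK_HOST

class _Hrefs(HTMLParser):
    def __init__(self):
        super().__init__()
        self.urls = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.urls += [v for k, v in attrs if k == "href" and v]

def review(raw):
    """Return a list of reasons the message fails the checks."""
    msg = message_from_string(raw)
    findings = []
    if not sender_ok(msg.get("From", "")):
        findings.append("sender domain is not opensea.io")
    for part in msg.walk():
        if part.get_filename():
            findings.append("attachment: " + part.get_filename())
        elif part.get_content_type() == "text/html":
            parser = _Hrefs()
            parser.feed(part.get_payload(decode=True).decode(errors="replace"))
            findings += ["off-domain link: " + u for u in parser.urls if not link_ok(u)]
    return findings

# Constructed sample message (not a real email).
SAMPLE = """From: OpenSea <support@opensea.io.example.net>
Content-Type: text/html

<a href="https://email.opensea.io/news">news</a>
<a href="https://email.opensea.io@login.example/claim">claim</a>
"""
if __name__ == "__main__":
    print("\n".join(review(SAMPLE)))
```

The From header can be forged, so a passing sender check is only meaningful alongside the receiving mail server's SPF, DKIM and DMARC results.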

“Users should also be aware of social media impersonation,” said Ryan McCurdy, vice president of marketing at digital risk management firm Bolster. “The crypto and NFT communities are extremely active on social media channels like Telegram and Discord. On both of these channels, scammers form groups that impersonate nearly all of these brands. If someone sends you a link to join these communities, make sure to verify that you are joining the real community.”


