OpenSea said a Customer.io employee abused their access to upload and share customer email addresses with an external party.
All customers who have shared their email address with the marketplace – whether for the platform or its newsletter – are likely affected by this hack. OpenSea has warned its customers against possible attempts phishing as a result of this data theft.
Marketplace NFT said on its blog that it is now in contact with law enforcement regarding the breach and that an investigation is ongoing.
OpenSea has suffered a series of hacks this year
The latest data breach is far from the first major attack against OpenSea and its customers this year. In May, his Discord server had been compromised and flooded with phishing attacks. Several user wallets had been emptied during this attack.
In January, the exchange suffered one of its worst attacks, when a loophole allowed hackers to sell NFTs without owners’ permission. Although the marketplace reimbursed approximately $1.8 million to its customers, the overall impact of the attack was unclear.
The recent OpenSea data breach comes as the marketplace recently tightened its security measures to prevent scams.
Cryptocurrency scams are on the rise
The OpenSea breach comes less than a week after another high-profile cryptocurrency hack, in which around $100 million was stolen from the DeFi Harmony protocol. This attack was probably carried out by the famous North Korean hacker group Lazarus.
This group is behind several other cryptocurrency-related attacks, including the Axie Infinity hack in April, which stole over $600 million worth of tokens. This attack is one of the largest cryptocurrency-related hacks to date.
A recent report by blockchain analytics firm Elliptic suggests the group stole more than $2 billion in total.
To display Hide the table of contents