On the morning of Thursday, June 30, the NFT-marketplace OpenSea announced a data leak. A Customer.io employee gained access to the portal’s database of users’ email addresses and then resold them. The site warns of an increased risk of phishing attacks.
Customer.io provides email processing services for OpenSea, including from users. One employee took advantage of his position and gained access to the database.
He then turned it over to an “unknown third party.” Marketplace immediately warned users of the risk of fraud.
Portal customers were asked not to click on suspicious links and warned against using the same password to access the account and confirm the transaction by email.
“If you have left your email on OpenSea services in the past, you are at risk. We are working with our partners at Customer.io and have already notified law enforcement,” the press release said.
In the near future users may receive emails with an address that visually resembles the official site of the marketplace. Be vigilant and check all data carefully.
Since the beginning of the year, OpenSea has run into difficulties on several occasions. We recently reported that a former manager of the marketplace was being sued for insider trading. Before that, in February, the marketplace was forced to suspend operations due to a phishing attack.