OpenSea Reports Email Address Database Breach

Ayush Pande
01.07.2022

OpenSea, one of the leading platforms for minting and trading NFTs, reported a leak in its email address database. On Wednesday, a blog post by OpenSea revealed that one of its employees tampered with the database of email addresses of users who subscribed to newsletters and leaked it to an unauthorized external party.

What Happened To The Leaked Email Addresses?

Several phishing emails from fake websites impersonating opensea.io were reported by users a few hours later on Reddit and Twitter. The websites behind the phishing attacks include opensea.xyz, opensea.org and opensae.io. 

OpenSea's Response To The Incident

In response, OpenSea released several guidelines on their blog post to caution users against email phishing attempts. On Thursday, OpenSea responded on Twitter that if a person's email address was compromised, it would receive an email from opensea.io, the official OpenSea website.

OpenSea is currently assisting Customer.io with their ongoing investigation and has reported the incident to law enforcement.

"We will only include hyperlinks to 'email.opensea.io.' URLs. Make sure that 'opensea.io' is spelled correctly, as it's common for malicious actors to impersonate URLs by shuffling letters." the company noted.

This isn't the first time OpenSea has come under siege from fraudulent attacks this year. OpenSea was hit with another phishing attack in February that led to at least 32 users losing access to their NFTs, estimated to cost $1.7M.

Stay on the pulse of NFTS

Gain access to exclusive interviews with industry leaders, think pieces, trend forecasts, guides and more

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
By subscribing, you agree to our Terms of Use and Privacy Policy

READ THIS NEXT

LATEST QUESTIONS