OpenSea users at risk after massive email leak

The incident, which dates back to 2022, occurred when an employee at Customer.io, OpenSea’s email delivery partner, mishandled data by sharing it with an unauthorised third party.

Beware of Phishing Scam Emails - Concept - Computer Keyboard with red key that says PHISHING SCAM

OpenSea users are facing increased risks after over 7 million email addresses were exposed in a data breach dating back to 2022. The breach occurred when an employee of Customer.io, OpenSea’s email delivery partner, mishandled user data, sharing email addresses with an unauthorised third party. This data includes the emails of major figures in the crypto world, raising concerns about potential phishing attacks and scams.

Blockchain security expert 23pds highlighted the growing threat, warning that the leaked information had been circulated multiple times before becoming public. OpenSea had previously alerted users about phishing risks following the breach, advising them to be cautious with email links and attachments.

Phishing scams targeting OpenSea users have been a persistent issue, with attackers using fake websites and fraudulent email campaigns to exploit vulnerabilities. One such scam in January 2024 promised exclusive access to an NFT event, only to direct victims to a malicious site designed to steal funds and wallet information.

Experts continue to advise users to stay vigilant, verify email sources, enable two-factor authentication, and never share sensitive wallet details to protect themselves from ongoing phishing threats.