OpenSea, one of the largest NFT marketplaces, has said that it has suffered a data breach. Per the platform’s statement, an employee of Customer.io leaked a list of OpenSea customers’ email addresses to an outside party. Customer.io is a platform for managing emails, newsletters, and campaigns.
The marketplace has published a press release to warn users. Customers should presume they have been affected by the event if they have previously provided their email address with OpenSea.
The company stated,
“If you have shared your email with OpenSea in the past, you should assume you were impacted.”
They have informed legal law informants about this event and are cooperating with Customer.io in their current investigation.
Due to the high frequency of data leaks, email newsletter management platforms and customer relationship management (CRM) software appear to be a weak point for cryptocurrency companies.
In March, BlockFi, Swan Bitcoin, NYDIG, and Circle were impacted by a compromise of Hubspot, a software similar to Customer.io. Names, phone numbers, and email addresses of users of various sites were disclosed to a third party.
Unscrupulous actors may attempt to contact clients using emails from names that resemble OpenSea.io, such as OpenSea.org or OpenSea.xyz, according to the platform.
Customers of OpenSea have taken to Twitter and are lamenting an increase in spam calls, texts, and emails.
Famous crypto whistleblower, FatmanTerra asked whether the outside party only got the list of email addresses or did they also get the list of corresponding blockchain addresses.
To this, an employee of the NFT marketplace replied that Customer.io does not have access to any wallet addresses.
Some users have also complained of their NFTs being stolen. However, there is no confirmation regarding this at the moment.
In February of this year, OpenSea was a victim of a significant hack worth $1.7 million. The vast user base of OpenSea experienced a late-night scare as attackers stole hundreds of NFTs from users of the platform.