OpenSea, the largest NFT marketplace with more than $20 Billion in trading volume, disclosed a data breach Wednesday, warning users of phishing attacks that could target them due to a recent breach of most all of their customer email data. The online NFT marketplace says it has more than 600,000 users and possibly all of their emails were compromised. The company’s Head of Security, Cory Hardman, said that an employee of Customer.io, the platform’s email delivery vendor, downloaded email addresses belonging to OpenSea users and newsletter subscribers.
Noting that all of the stolen emails were shared with an unauthorized external party, Hardman warned “If you have shared your email with OpenSea in the past, you should assume you were impacted” warning of the likelihood of phishing attacks.
“The world of crypto is already know for massive fraud and theft. The practice and procedures enacted on the Web2 world simply are not operating practices in the web 3/crypto world. Until practices like system hardening, device and user review and identity governance are practiced – the NFT, crypto world will continue to be a hackers paradise.”