OpenSea Reported a Leak Of User Data

OpenSea, the leading platform for non-fungible tokens (NFTs), has reported a leak of user data.

The reason was the misuse of information by an employee of Customer.io, an email delivery service used by OpenSea.

An employee of our email vendor, https://t.co/6vM4WAcJal, misused their employee access to download & share email addresses with an unauthorized external party.

Email addresses provided to OpenSea by users or newsletter subscribers were impacted.https://t.co/Osb6qqkqZZ

— OpenSea (@opensea) June 30, 2022

The said employee had passed the email addresses of NFT-marketplace customers to a third party. OpenSea warned of possible consequences in the form of phishing attempts.

The site team noted that attackers could try to contact potential victims using an email address similar to the official domain of opensea.io.

1) We will ONLY send you emails from the domain ‘https://t.co/3qvMZjxmDB.’ Be aware of attempts to impersonate OpenSea through slight variations of our domain name, like below: pic.twitter.com/2tvgC6g3kD

— OpenSea (@opensea) June 30, 2022

Portal customers are asked not to click on suspicious links and warned against using the same password to access the account and confirmation of transactions by email.

Since the beginning of the year, OpenSea has repeatedly encountered difficulties. Recently it was reported that a former manager of the platform was being sued for insider trading. And before that, in February, the marketplace was forced to suspend its work due to a phishing attack.