Users May Receive Information from Fake Opensea Domains

The World-renowned NFT marketplace on Thursday announced a data breach at Customer.io, its email delivery, where an employee leaked confidential data.

In a blog post, the platform remarked,

"An employee of our email vendor… misused their employee access to download & share email addresses with an unauthorized external party. Email addresses provided to OpenSea by users or newsletter subscribers were impacted."

According to the post, all users and subscribers should assume their privacy has been breached. This could result in emails impersonating the platform and trying to exploit or confuse users. It also said hackers might try to contact users via emails with domains such as OpenSea.xyz and OpenSea.org instead of OpenSea.io, the original domain.

OpenSea has contacted customers, informing them of this menace as individuals took to Twitter to share and pass the details of this information. However, the platform is not relenting as it collaborates with Customer.io and law enforcement agencies to get to the root of the matter.

Previous Attacks on Opensea and Other Crypto Firms

This is not the first time a crypto company or even OpenSea will be a victim of cybercrimes. Despite the security checks and strong firewalls, hackers continue to find their way into these platforms.

In May, the discord server of OpenSea was under a malicious attack where it was flooded with a fake NFT mint offer. As a result, January's platform was severely attacked, and hackers could purchase NFTs below their normal price. This attack cost OpenSea $1.8 million in compensating victims.  

An example is HubSpot, a top management software firm hacked in March, leading to companies such as Pantera Capital, BlockFi, Circle, and other crypto firms losing data.