Coinomi
Image default
NFT

NFT: 1.8 million OpenSea users affected by a massive breach of the messaging service

OpenSea, one of the most popular NFT marketplaces, has warned its users. Indeed, potentially 1.8 million of them may have received a phishing email. This risk follows a breach of the web giant’s messaging system3. OpenSea, valued at nearly $13 billion in January 2022, is a must-have in the NFT universe.

NFT_OpenSea-Mail_Hack

The violation of the email addresses of OpenSea users would have an internal origin to one of its partners

It would be a staff member of Customer.io , an email provider under contract with OpenSea, which allegedly abused its employees’ access to download and share the email addresses of OpenSea users. In addition to simple users, he also had access to newsletter subscribers. He would have communicated them to an unauthorized third person.

OpenSea works in partnership with Costumer.io to investigate this incident

The scale of the security breach seems massive. The company said: ” If you have shared your email with OpenSea in the past, you should assume that you have been affected ». She added that she was working with Customer.io in an ongoing investigation and had reported the incident to law enforcement.

1.8 million users potentially affected

More than 1.8 million users have made at least one purchase through the Ethereum network on OpenSea, according to the data collected by Dune Analytics, an open source crypto analysis platform. « We believe that this resulted from the actions of an employee who had specific access privileges “, said a spokesman for Customer.io .” We do not believe that other customers’ data has been compromised, but we are continuing to investigate. The employee in question has been denied all access and has been suspended pending the conclusion of our investigation “hastened to add the email provider.

The Web3, a privileged target of cyberattacks

Crypto startups have become a target for cyber attacks as the industry sees explosive growth and large inflows of money. Decentralized blockchain-based networks promise to offer better security, but today average users are turning to centralized services like OpenSea. This type of provider has many advantages, but also constitutes a higher risk in terms of the security of information and cryptocurrency assets. There is no shortage of examples of cyberattacks in the world of the Web3 and we can cite for example the data breach at HubSpot, a customer relationship management software company. This kind of violation has led to phishing risks for Trezor users.

Other blockchain companies like OpenSea are potential targets

Fractal, an NFT platform launched by Twitch co-founder Justin Kan, had an eventful debut in December after a scammer hacked the ad bot to pocket $150,000. One of the biggest crypto heists to date was the theft of $625 million from Ronin, a blockchain network connected to the Axie Infinity play-to-win.

Security on the Web3 still remains unstable. This is the reason why it is the sector that probably has the most future in the blockchain universe. Theoretically, the decentralized nature of the blockchain and the Web3 should allow for better security. However, many platforms, wallets, etc, remain exposed due to their much more centralized aspect. In addition, hackers always find loopholes, and the loot is juicy. Blockchain-based services represent astronomical amounts of money.

Receive a digest of the news in the world of cryptocurrencies by subscribing to our new daily and weekly newsletter service so you don’t miss anything essential Cointribune!

Grégoire Murten avatar
Grégoire Murat

Student passionate about entrepreneurship and fascinated by the technologies behind cryptos! Yes, I am convinced that the two are intimately linked: blockchain and NFTs are revolutionizing many sectors and present unprecedented opportunities.

Related posts

NFT Bored Ape Yacht Club (BAYC): The Game Over?

Reginald Easterling

NFT: You don’t know how to create one for your business? Gardenlab is here for you!

Reginald Easterling

BAYC victim of hacking once again!

Reginald Easterling