OpenSea’s non-fungible token (NFT) digital asset marketplace has recently been hit by another problem. They announced that there was a data leak that had an impact on the e-mails of users registered with OpenSea, whether they had made transactions or had just signed up for the newsletter service.
OpenSea Announces Data Leak
According to the company from the United States (US), this leak was caused by misuse of access by an employee of an OpenSea partner who manages e-mail data.
The employee, who is from an OpenSea partner named Customer.io, is alleged to have downloaded and stolen the e-mails of OpenSea users and shared them with third parties. No mention of the number of affected users.
However, OpenSea urges users, who have registered their e-mail in the marketplace to be careful in the future. This is because the stolen e-mail could be the target of cyber attacks in the form of fraud or phishing by irresponsible people.
“If you have shared or used your e-mail with OpenSea, then you could be one of the affected users,” said OpenSea, quoted from TechCrunch, Friday (1/7/2022).
Currently, OpenSea and Customer.io are conducting in-depth investigations regarding this data leak case. They have also reported the incident to local law enforcement.
Regarding the data leak itself, Customer.io said that it most likely had an impact on OpenSea data only. This means that their other clients may not be included in this incident.
The Customer.io employee who leaked the e-mail of the OpenSea user has been temporarily relieved of his responsibilities. “Currently we have terminated the employee from his job, and we have cut off access to all user e-mail data, at least during the investigation process,” wrote Customer.io.
Not only this time, OpenSea has also been hit by a similar incident in the last few months. In January, for example, a group of hackers took advantage of a security vulnerability or bug in the platform and bought up a collection of NFTs worth US$1 million.
Then in early May, OpenSea had announced that there was a hacking attempt on their Discord server. There was also an OpenSea employee who was caught and detained by the local police for carrying out “hacking” through the illegal NFT trade around early June.