OpenSea, the popular NFT marketplace has been hit with another data breach. This time, the company says that an employee of its email vendor, Customer.io, apparently downloaded and shared email addresses linked to OpenSea accounts.
The company said in a tweet, that emails provided to the marketplace by users, and people who had subscribed to its newsletters were both affected.
In a post on their blog, the company said that there was a high chance of email phishing attempts, now that the addresses had been leaked online. It also appealed to customers to maintain safe email practices and categorically told them to only respond to mails from their official domain (opensea.io).
The told customers to be vigilant and not respond to visually similar or fake domains that mimicked their official account, some examples given were - opensae.io, opensea.org and opensea.xyz -.
They also warned users that official OpenSea mails would never contain any attachments, and told them to ignore download requests from similar or suspicious domains.
"Your trust and safety is a top priority. We wanted to share the information we have at this time, and let you know that we’ve reported the incident to law enforcement and are cooperating in their investigation," the company wrote in the blog post.
OpenSea has been in the news a lot recently, for all the wrong reasons. Earlier last month, Nathanial Chastain, the former head of products at the company, was charged by the US Department of Justice with wire fraud and money laundering.
If that wasn't enough, it is facing lawsuits by at least four traders who claimed to have been scammed due to the poor security of the site. Earlier in the year, OpenSea users were also the subject of a phishing attack, that saw them loose hundreds of NFTs.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
