• Dapps:16.23K
  • Blockchains:78
  • Active users:66.47M
  • 30d volume:$303.26B
  • 30d transactions:$879.24M

OpenSea Data Breach: Over Seven Million Email Addresses at Risk

user avatar

by Giorgi Kostiuk

a year ago

The security breach at OpenSea in 2022 has left over seven million email addresses publicly available, raising significant cybersecurity concerns.

Timeline of the OpenSea Data Breach

In June 2022, at the height of OpenSea's success, an employee of Customer.io, an email automation provider, exploited their access to extract and share email addresses from OpenSea's user database with an unauthorized third party. The leak primarily targeted the platform's user base but also affected prominent figures in the cryptocurrency sector, including Binance’s CEO Changpeng Zhao and other leading firms.

Public Disclosure and Phishing Threats

Cybersecurity expert 23pds confirmed on X (formerly Twitter) that the email addresses, including those of industry leaders, are now widely accessible. This makes them prime targets for phishing attacks, which can cause severe financial and reputational damage. The data release amplifies the risk, making affected individuals susceptible to scams and other malicious activities. 23pds emphasized that these email addresses could be used by bad actors to create convincing phishing attacks, potentially leading to the loss of user funds and personal information.

Recommendations for Affected Users

SlowMist’s security expert advised all users whose email addresses were compromised to take immediate precautions. This includes creating strong, unique passwords for their accounts and using a password manager to securely store them. The use of two-factor authentication (2FA) is highly recommended, with a preference for authenticator apps over SMS-based 2FA due to their increased security. OpenSea previously reinforced these security measures, reminding users to be cautious of emails appearing from unofficial OpenSea domains such as “opensae.io,” “opensea.org,” or “opensea.xyz.”

Phishing attacks resulting from such breaches have become a significant issue, prompting crypto platforms to pay close attention to security across all levels of their infrastructure. The OpenSea case highlights vulnerabilities in third-party services, necessitating stronger security measures to protect sensitive user data.

0

Rewards

chest
chest
chest
chest

More rewards

Discover enhanced rewards on our social media.

chest

Other news

UBS Selects Partner for Cryptocurrency Investment Products

chest

UBS is selecting a third-party partner to launch cryptocurrency investment products, focusing on security and regulatory compliance.

user avatarJacob Williams

Institutional Adoption of Cryptocurrency Grows with UBS's Move

chest

UBS's announcement marks a significant step in the ongoing trend of institutional adoption of cryptocurrency, driven by client demand from younger, high-net-worth individuals.

user avatarAndrew Smith

Aave hands over Lens Protocol management to Mask Network.

chest

Aave has transferred stewardship of Lens Protocol to Mask Network, allowing Aave to refocus on decentralized finance while remaining involved in a technical advisory role.

user avatarZainab Kamara

The End of the Talking-to-Earn Era as Platforms Reclaim Control

chest

The recent changes by X have marked the end of the talking-to-earn era, as platforms tighten their control over content production and incentives.

user avatarSon Min-ho

X Revokes API Access for InfoFi Applications, Signaling End of Incentive Model

chest

On January 15, X announced the revocation of API access for InfoFi applications, disrupting the economic foundations of posting-driven incentives.

user avatarAyman Ben Youssef

EFCC Indicts Nine Fintech Companies in 18 Billion Naira Scam

chest

The Economic and Financial Crimes Commission (EFCC) has linked nine fintech and investment-related companies to an 18 billion naira investment scam affecting over 200,000 Nigerians.

user avatarTando Nkube

Important disclaimer: The information presented on the Dapp.Expert portal is intended solely for informational purposes and does not constitute an investment recommendation or a guide to action in the field of cryptocurrencies. The Dapp.Expert team is not responsible for any potential losses or missed profits associated with the use of materials published on the site. Before making investment decisions in cryptocurrencies, we recommend consulting a qualified financial advisor.