OpenSea users are facing renewed security threats due to a 2022 data breach affecting over 7 million people. Despite warnings, the data was recently made public, increasing the risk of phishing attacks, according to SlowMist.
Circumstances of the Data Breach
In June 2022, a data breach occurred when an employee of Customer.io, OpenSea’s email service provider, misused their access to obtain and share users' email addresses with unauthorized parties. This included addresses of prominent figures and companies. OpenSea advised users to be cautious, stating that legitimate communications would only come from the 'opensea.io' domain.
Risks and Consequences
The data breach became more severe when this information was publicly shared in early 2024, creating opportunities for malicious activities such as phishing and fraudulent schemes aimed at stealing user data and funds.
Phishing Attacks and Their Impact
During 2023 and 2024, phishing attacks on the platform intensified. Hackers impersonated platform staff and created fraudulent sites to deceive users, resulting in significant financial losses and data breaches. Overall, losses from these attacks and private key breaches amounted to over $750 million in 2024.
The data breach has created favorable conditions for scammers, highlighting the need for increased vigilance and data protection within the crypto industry. Users need to take additional measures to safeguard their accounts and information.
