Security News > 2022 > June > OpenSea discloses data breach, warns users of phishing attacks
OpenSea, the largest non-fungible token marketplace, disclosed a data breach on Wednesday and warned users of phishing attacks that could target them in the coming days.
The company's Head Of Security, Cory Hardman, said that an employee of Customer.io, the platform's email delivery vendor, downloaded email addresses belonging to OpenSea users and newsletter subscribers.
Since the emails stolen in the incident were also shared with an unauthorized external party, Hardman urged potentially affected users to be alert for phishing attempts impersonating OpenSea.
Examples of domains that could be utilized in phishing attacks targeting OpenSea users include opensea.org, opensea.
In the past, OpenSea users have been targeted by threat actors impersonating fake support staff and by a phishing attack that left more than a dozen users without hundreds of NFTs worth roughly $2 million.
In September, OpenSea also closed a bug that could let attackers empty OpenSea account owners' cryptocurrency wallets by luring them to click on malicious NFT art.
News URL
Related news
- Texas State Bar warns of data breach after INC ransomware claims attack (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Fintech giant Finastra notifies victims of October data breach (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- US drug testing firm says data breach impacted 3.3 million people (source)
- US drug testing firm DISA says data breach impacts 3.3 million people (source)
- Background check, drug testing provider DISA suffers data breach (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)