NFT marketplace OpenSea has suffered a data breach, in which the email addresses of users and subscribers were acquired using fraudulent means by an employee of its email delivery vendor.
“If you have shared your email with OpenSea in the past, you should assume you were impacted. We are working with Customer.io in their ongoing investigation, and we have reported this incident to law enforcement," OpenSea stated.
It added that since the data compromise included email addresses, there may be a heightened likelihood of email phishing attempts.
Data breach reported to law enforcement agencies
“Please be aware that malicious actors may try to contact you using an email address that looks visually similar to our official email domain, ‘opensea.io’," the NFT marketplace stated and added that the security breach has been reported to law enforcement agencies.
OpenSea employee recently arrested for fraud
Recently, OpenSea’s former head of product Nathaniel Chastain was charged by the United States Department of Justice with one count of wire fraud and one count of money laundering.
According to the Department of Justice, Chastain used confidential information about what NFTs were going to be featured on OpenSea’s homepage for his personal financial gain.
He was subsequently arrested.
OpenSea CEO commits efforts against frauds
The company’s co-founder and CEO Derin Finzer then committed to stepping up efforts in preventing thefts, scams, and IP infringements on the marketplace.
Finzer said while plagiarism, IP infringements, and thefts are prohibited under OpenSea’s Terms, “at our scale, comprehensive policies were not enough."
He said the company has launched a new verification system, that identifies authentic accounts and
Read more on livemint.com