An employee of OE delivery vendor, Customer.io has downloaded and shared stored email addresses associated with OpenSea accounts and newsletter subscriptions with an unknown third party.
OpenSea email data breach
Customer.io is an automated messaging platform for tech-savvy marketers who want more control and flexibility to craft and send data-driven emails, push notifications, and SMS messages.
They posted on Twitter, “An employee of our email vendor, http://Customer.io, misused their employee access to download & share email addresses with an unauthorized external party.
Email addresses provided to OpenSea by users or newsletter subscribers were impacted.”
All the OpenSea account holders’ or newsletter subscribers’ email addresses are in danger and can be affected any time. Company’s head of security Cory Hardman posted in a blog, “If you have shared your email with OpenSea in the past, you should assume you were impacted. We are working with Customer.io in their ongoing investigation, and we have reported this incident to law enforcement.
Please stay vigilant about your email practices, and be alert for any attempt to impersonate OpenSea via email.”
How Can You Protect Yourself?
Hardman in his blog has talked about some safety recommendations.
- Be cautious of phishing emails from addresses trying to impersonate OpenSea.OpenSea will ONLY send you emails from the domain: ‘opensea.io.’
- Never download anything from an OE. Authentic OpenSea emails do not include attachments or requests to download anything.
- Check the URL of any page linked in an OpenSea email. We will only include hyperlinks to ‘email.opensea.io.’ URLs. Make sure that ‘opensea.io’ is spelled correctly, as it’s common for malicious actors to impersonate URLs by shuffling letters.
- NEVER share or confirm your passwords or secret wallet phrases. OpenSea will never prompt you to do this – in any format.
NEVER sign a wallet transaction prompted directly from an email. OE will never contain links which directly prompt you to sign a wallet transaction.
Read our Latest Issue: 10 smartest companies to watch 2022