- Through their email provider Customer.io, OpenSea, the largest NFT marketplace by daily volumes, reported a data compromise.
OpenSea NFT Information Compromised
According to the marketplace, a Customer.io employee abused their authority to acquire and divulge customer email details to a third party. Any consumer who has given the marketplace their email address—whether for the site or its newsletter—is probably affected by the incident. Following the hack, OpenSea issued a warning to consumers about potential phishing scams. In a blog post, the NFT marketplace stated that it is currently in communication with law enforcement authorities regarding the breach and that an investigation was launched.
The most recent information breach is very far from OpenSea and its clients’ first significant attack this year. The popular NFT marketplace’s Discord server was breached in May, and phishing attempts poured in. In the hack, some user wallets were stolen. Probably one of the hardest assaults the platform has ever seen occurred in January when a vulnerability enabled hackers to sell NFTs even without owners’ consent. Although the marketplace returned around $1.8 million to its clients, it was unclear how much of an overall impact the assault had. Despite the market at the moment improving its security procedures to prevent fraud, there was a new data breach for OpenSea.
Less than a week before the OpenSea compromise, the DeFi protocol Harmony was the victim of another prominent cryptocurrency heist in which roughly $100 million was lost. Most likely, the renowned North Korean hacker outfit Lazarus was responsible for this attack. The organization is also responsible for many previous crypto-related hacks, most notably the Axie Infinity breach in April that resulted in the theft of tokens valued at over $600 million. The assault represents one of the biggest crypto-related hacks to date. According to a recent estimate by blockchain analytics company Elliptic, the gang may have taken over $2 billion in total.