NFT Marketplace OpenSea Announces Data Breach Involving User Email Addresses | Console and Associates, P.C.


117
157 shares, 117 points


Recently, the NFT marketplace OpenSea issued a warning to users as well as those who subscribe to the company’s newsletter that an employee at OpenSea’s email delivery vendor, Customer.io, downloaded a file containing email addresses and shared it with an unauthorized party. In response, OpenSea is advising all potentially affected parties to be on the watch for upcoming phishing emails designed to get victims to provide their personal information.

If you believe you were affected by the OpenSea breach, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the OpenSea data breach, please see our recent piece on the topic here.

Additional Information About the OpenSea Data Breach

According to the company’s news release, OpenSea recently learned that there was what appears to be an intentional leaking of email addresses at Customer.io, a third-party email vendor. Evidently, an employee at Customer.io “misused their employee access to download and share email addresses” with an unauthorized party outside of the organization.

In the wake of the breach, OpenSea advised all users of the platform, as well as anyone who subscribes to the OpenSea newsletter, to be careful of unauthorized emails that appear to come from OpenSea. The company provided several examples of potential domain names from which a phishing email may originate, such as opensea.org, opensae.io, and opensea.xyz. The domain name for OpenSea is opensea.io.

Founded in 2017 in New York, New York, OpenSea is an NFT (non-fungible token) marketplace that allows users to buy and sell NFTs at a fixed price or through an auction format. The company deals in all types of NFTs, including collectibles, gaming items, domain names, digital art, and other items backed by blockchain technology. OpenSea employs more than 200 people and generates approximately $42 million in annual revenue.

Preventing Phishing Attacks

While news of the OpenSea breach is limited, the company indicates that the data breach leaked users’ email addresses. While a leaked email address doesn’t necessarily present the same level of concern as leaked Social Security numbers or financial data, hackers who obtain compromised email addresses may use them in an email phishing attack.

Hackers orchestrate cyberattacks in a few different ways. Phishing attacks are one of the most common types of cyberattacks. In a phishing attack, the hacker sends a seemingly legitimate email requesting the recipient either provide their login credentials or click on a link. For example, hackers will often send the email under the guise that it’s from a business the potential victim has an account with, asking them to “reset” their password. If the victim responds, it gives the hacker access to the victim’s account. In some phishing attacks, hackers ask victims to click on a malicious link. By clicking on the link, the victim downloads malware onto their system, which can have various consequences, but generally involves giving the hacker access to the victim’s system. The information obtained through a phishing campaign can then be used to commit fraud or identity theft against the owner of the information.

Phishing attacks are very common. According to a 2021 study, U.S. employees get an average of 14 malicious emails per year. However, consumers are also frequently targeted directly. One study looking at 55 million emails found that over one percent of all emails were phishing attempts. Because these attacks are very well designed, many people fall for the hackers’ tricks. In fact, on average, 30% of all phishing emails are opened.

Given the frequency of email phishing attacks, it is imperative to stay alert when checking your email and double-check all email domains to ensure they are legitimate. Those who have questions about a recent phishing attempt should contact a data breach lawyer for assistance.



Source link


Like it? Share with your friends!

117
157 shares, 117 points

What's Your Reaction?

hate hate
30
hate
confused confused
16
confused
fail fail
6
fail
fun fun
3
fun
geeky geeky
33
geeky
love love
23
love
lol lol
26
lol
omg omg
16
omg
win win
6
win
Daily List

0 Comments

Choose A Format
List
The Classic Internet Listicles
Ranked List
Upvote or downvote to decide the best list item
Meme
Upload your own images to make custom memes
Story
Formatted Text with Embeds and Visuals
Poll
Voting to make decisions or determine opinions