Data Breach on OpenSea: 7 Million Email Addresses Exposed, Causing Widespread Fears of Phishing Scams and Financial Losses

Title: 7 Million OpenSea Addresses Leaked in 2022 Breach, SlowMist Confirms

Two years ago, a massive data breach occurred on the popular NFT marketplace OpenSea, and it seems that even now, the damage is still being felt. The latest update from SlowMist’s pseudonymous chief information security officer, “23pds,” reveals that an astonishing 7 million email addresses were leaked during this incident.

In June 2022, OpenSea initially alerted its customers to a data breach, stating that it had identified that an employee of Customer.io, their email automation vendor, had compromised the email addresses. Unfortunately, instead of disclosing the magnitude of the breach at the time, they decided to keep it under wraps for over two years.

It is not surprising that this delay in disclosure has given attackers a significant window to exploit the leaked data and engage in phishing scams. Sadly, these types of attacks are nothing new, as we have seen countless instances where hackers have used compromised email addresses to trick victims into sharing sensitive information.

The blockchain security firm CertiK recently released a report which highlights the immense financial losses resulting from these phishing attacks. In 2024 alone, it was found that nearly half of all stolen cryptocurrency came from such scams, with over $1.05 million lost in just 296 incidents. It’s even more disconcerting to note that a staggering 39.1% of all reported cases were related to this type of attack.

Phishing attacks have become particularly prevalent in the crypto industry due to their simplicity and effectiveness. These malicious activities prey on human weaknesses, rather than focusing solely on technical systems. They can take various forms, such as deceptive emails, fake websites, or fraudulent messages that deceive users into sharing sensitive data like passwords, private keys, or wallet addresses.

As we all know, once funds are sent to an unauthorized address in the crypto space, they become irreversibly lost. It is crucial for industry stakeholders and users alike to remain vigilant and informed about these risks, as losses can be catastrophic.

Source: cryptopotato.com