OpenSea experiences email data breach, warns users of phishing scams
An employee of Customer.io, an email vendor contracted by OpenSea, reportedly misused their access to download and share email addresses with an unauthorized external party. The company said that the email addresses users and newsletter subscribers provided to OpenSea were impacted.
![](data:image/svg+xml;utf-8,<svg xmlns="http://www.w3.org/2000/svg" width="1200" height="630" />)
Customer.io has already launched an investigation into the matter and the incident has been reported to law enforcement, the company said. Users have already begun reporting an uptick in phishing emails from fake OpenSea domains. This isn’t the first time OpenSea users were targeted by phishing scams. In February this year, close to $2 million worth of NFTs were stolen in an elaborate phishing attack that affected 32 users. The attack caused activities on OpenSea to drop significantly, with the platform losing over a third of its trading volume and a fifth of its users.
6 comments