There are grave concerns in the cryptocurrency space regarding the data breach involving the 2022 OpenSea email vendor breach. Over seven million email addresses from that incident are now in the public domain. The ecosystem became aware of the update via 23pds, SlowMist’s Chief Information Security Officer’s post on X.
The OpenSea Response to the Initial Breach
23pds notes that this leakage of users’ email addresses increases the risks for the affected users. Primarily, malicious actors could target them in a phishing email scam to attempt to dispossess them of their funds.
Although the leak initially occurred two years ago, in 2022, the data did not get widely circulated back then. However, the current development means all the information is accessible to everyone. This accessibility makes them most vulnerable to fraud attacks.
Notable figures, companies, crypto influencers, and others in the crypto industry are among those whose email addresses have been compromised. Analysts suggest that the rate of phishing scams might spike as malicious actors have been known to target high-profile individuals and accounts. This allows them to rake in high financial reward if their attack is successful.
Will Phishing Mail Scams Spike?
For perspective, OpenSea realized in June that one of its employees for its email automation provider, Customer.io, had exploited their access to download users’ email addresses. This employee shared the downloaded addresses with an unauthorized third party.
At the time, OpenSea proactively alerted its users to assume their information had been compromised. However, the full dataset remained under limited circulation until now, when it is publicly accessible to everyone, including malicious actors.
23pds post serves as a cautionary note for users to remain vigilant, especially those who might be affected by the leak. It taxed them to be on the lookout for suspicious emails and take appropriate security measures to protect themselves.
Experts Call for Vigilance and Preventive Measures
Notably, phishing scams lure users into parting with sensitive information. These include such details as login credentials and personal data by pretending to emanate from official channels.
Tech experts have also urged users to beware of airdrops, buzz offerings, and other reward programs. They advised users to double-check any offer of free tokens with links in emails to claim such rewards as they could be phishing scams from fraudsters.
