OpenSea data breach causes massive leak of users’ email addresses

OpenSea, the world’s largest nonfungible tokens (NFT) marketplace, has issued a warning to customers after it was discovered that an employee of Customer.io, a platform for managing email newsletters and campaigns, leaked the list of OpenSea customers’ emails to an outside party.

The breach has affected all of the users who have given their email to the marketplace, whether it’s for the platform or its newsletter. Following the breach, OpenSea advised customers against potential phishing attempts.

The NFT marketplace announced on Thursday that it has contacted law enforcement officials about the breach and that an investigation is in progress.

The most recent data breach is far from the first major assault on OpenSea and its users this year. In May, the popular NFT marketplace’s Discord server was hacked, leading to a deluge of phishing assaults. In the event, numerous user wallets were exploited. In January, the platform was subjected to one of its most severe assaults yet, in which an exploit allowed attackers to sell NFTs without permission. The marketplace reimbursed $1.8 million in losses.

In March, Hubspot, a comparable service to Customer.io, was hacked, exposing customers’ usernames, phone numbers and emails on BlockFi, Swan Bitcoin, NYDIG and Circle. Customers of these platforms had their names, phone numbers and email addresses released to an unknown party.

Related: OpenSea Discord server hacked, users warned to be vigilant of phishing scams

OpenSea warned that hackers may attempt to contact OpenSea customers through emails from domains that appear similar to OpenSea.io or OpenSea.xyz. Users on Twitter have reported an increase in spam emails, phone calls and text messages.