OpenSea (NFT marketplace) 3rd party vendor leaked all customers’ email addresses – perfect suckers for phishing campaign list

An employee of OpenSea’s email delivery vendor Customer.io “misused” their access to download and share OpenSea users’ and newsletter subscribers’ email addresses “with an unauthorized external party,” Head of Security Cory Hardman warned on Wednesday.

“If you have shared your email with OpenSea in the past, you should assume you were impacted,” Hardman continued.

To be clear: that is a whole lot of email addresses.

OpenSea is basically a virtual super-mall where people buy and sell non-fungible tokens — essentially an electronic receipt on a blockchain for some type of digital asset, like art, music or collectibles. In other words: nothing, which many, including Bill Gates, consider a very foolish purchase indeed.

OpenSea claims to be the largest NFT marketplace, and it boasts a transaction volume of over $20 billion and more than 600,000 users, all of which presumably provided their email addresses at one point.

Plus, there’s likely more that simply subscribed to the online bazaar’s email list.

[…]

Source: OpenSea says rogue insider leaked customers’ email addresses • The Register

Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft