OpenSea hit by data breach after email delivery partner leaks addresses

Quick Take

  • An employee of OpenSea’s email delivery partner Customer.io leaked customer emails to a third-party. 
  • The NFT platform has warned users that there is now “a heightened likelihood for email phishing attempts.” 

NFT marketplace OpenSea has suffered a data breach after an employee at its email delivery partner leaked user data.

In a blog post published late on June 29, OpenSea said that an employee of Customer.io had “misused their employee access to download and share email addresses – provided by OpenSea users and subscribers to our newsletter – with an unauthorized external party.”

The leaked information included email addresses, according to the blog post, and OpenSea warned users that this could result in a “a heightened likelihood for email phishing attempts.”

The company said customers should assume they have been impacted by the news if they had shared their email address with OpenSea in the past.

OpenSea added in the blog post that the company is assisting Customer.io with its own internal investigation, and that the incident has been reported to law enforcement.

Screenshots shared on Twitter show that OpenSea has also contacted customers by email to inform them about the breach.

This article's headline has been updated to make it clear that OpenSea's email delivery partner Customer.io suffered the breach. 


© 2022 The Block Crypto, Inc. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.