Despite its recent 13-billion-dollar valuation and raft of high-profile errors, security on the OpenSea platform continues to disappoint. The latest scandal saw an employee at its email delivery vendor, Customer.io, share its entire mailing list with an unauthorized external party, resulting in the details of everyone trusting this personal information with OpenSea being exposed.
Following the alarming development, OpenSea has advised its users to be on high alert for phishing activity. Therefore, it has reiterated that all its emailed correspondence will only originate from its official domain, opensea.io. In addition, the team advised its customers that it will never initiate a wallet transaction from an email, nor will it prompt users to download software or share passwords and keys. The purveying message then, to remain vigilant and always err on the side of caution.
An employee of our email vendor, https://t.co/6vM4WAcJal, misused their employee access to download & share email addresses with an unauthorized external party.
Email addresses provided to OpenSea by users or newsletter subscribers were impacted.https://t.co/Osb6qqkqZZ
— OpenSea (@opensea) June 30, 2022
Going forwards, OpenSea intends to conduct a thorough investigation into the incident, while additionally liaising with the relevant law enforcement authorities in order to escalate further. As of now, OpenSea has not commented on its future with the email vendor in question, Customer.io.
Read OpenSea’s full disclosure >> Here
Want more? Connect with NFT Plazas
*All investment/financial opinions expressed by NFT Plazas are from the personal research and experience of our site moderators and are intended as educational material only. Individuals are required to fully research any product prior to making any kind of investment.
Decentralised human, Explorer, Adventurer.