An employee at an outside contractor tasked with managing OpenSea email newsletters copied the list of customer emails and shared it with an outside party, OpenSea says.
Watch out for phishing emails, says OpenSea, after staff at the world’s largest NFT marketplace discovered that an employee of Customer.io, a platform for managing email newsletters and campaigns, leaked the list of OpenSea customers’ emails to an outside party.
Email newsletter management platforms and Customer Relationship Management (CRM) software appear to be a weak spot for crypto firms as leaks of this data continue to happen at a high frequency.
In March, Hubspot, a platform similar to Customer.io, was hacked, affecting BlockFi, Swan Bitcoin, NYDIG, and Circle.
Users of these platforms had their names, phone numbers and email addresses leaked to an outside party.
OpenSea said that malicious actors may try to contact OpenSea customers via emails from domains that look similar to OpenSea.io such as OpenSea.org or OpenSea.xyz
On Twitter, OpenSea customers are complaining of an uptick in spam emails, calls, and text messages.