In a shocking new development, the world’s largest NFT marketplace, OpeanSea, discovered that its users’ privacy had been severely compromised. The company issued a statement saying that their email vendor, Customer.io’s employee with access to the user’s email address database, misused their powers to download and share the email IDs with an unauthorized third party. API3 weighs on the seriousness of the issue and shares its inputs.
While OpenSea themselves did not disclose the exact number of email addresses that were compromised in the data leak, estimates point to a number close to 2 million. These include the people who have opened their accounts and made at least one transaction. API3 reflects on what lies at the root cause of the data leak – “This is no accident. It is obvious that the motive was driven by monetary benefits”, notes API3. “For bad elements, the contact details of 2 million users of the largest marketplace for trading NFTs is more than just lucrative – it is an absolute gold mine.”
Ever since the data leak, users have taken to Twitter – users have stated that they have been getting suspicious emails, messages, and even calls, in some cases. With a few quick and easy clicks, users could end up losing large amounts of money or have their entire accounts get completely wiped out in front of their eyes. API3 says, while the blockchain-based decentralized networks are built on sophisticated technology that offers military-grade security, centralized networks like OpenSea cannot boast of having the same. And yet, users tend to prefer these centralized networks over the decentralized ones owing to their ease of use and general convenience.
While we cannot undo what’s already done, API3 suggests moving forward and getting your accounts secured before a person with malicious intent can get to them. How can users protect their money? API3 advises you to start small, giving users simple tips: For the next few days, be very careful of the emails you open. OpenSea’s official communication is done through opensea.io. Email addresses are created to look like the official email address so that they can be opened by unsuspecting users in haste, only to become a victim of phishing. Make sure you don’t fall prey to such scams. The same goes for any links included in the emails. While this is obvious, it is important to reiterate: avoid sharing your account details like username and password.
When it comes to joining online groups, API3 cautions users, “Discord for crypto and NFTs can prove to be a great place to meet like-minded people and invest better, but it has a murky past. In May, OpenSea’s Discord was server hacked, which led to similar phishing attacks. Even though most crypto projects do have official Discords, make sure that you pick wisely.”
Finally, API3 asks users not to panic – OpenSea is taking quick steps to rectify the situation and build a safer trading ecosystem. In the meantime, API3 advises users to remain calm, stay alert, and exercise caution.