As a researcher, I’m sharing some concerning news: Over seven million email addresses exposed in an OpenSea email vendor leak from 2022 have now been made widely available online. This revelation serves as a fresh trove of information for scammers, according to a SlowMist executive, who urges caution.
In a recent post on January 13th, SlowMist’s CISO, “23pds,” mentioned the data breach of OpenSea’s email service provider from last year [2022], which resulted in the exposure of emails. It appears that these leaked email addresses have since been widely shared and exposed to the public following several disseminations.
23pds shared with CryptoMoon that even though the cyber-attack took place in June 2022, the details had only just become available. This means that all potential attackers could leverage this information for phishing schemes or fraudulent activities.
“Previously, it was not made public. Now all the leaked data has been made public in its entirety and is available to anyone who wants it.”
As an analyst, I recently received a screenshot from 23pds, showcasing a Telegram message containing an attachment titled “opensea.io_mail_list.rar.” This file supposedly contains approximately 7 million entries.
23pds on X stated that the leaked data totalled approximately 7 million pieces, encompassing a significant volume of email details pertaining to overseas cryptocurrency professionals, which includes numerous influential individuals, corporations, and key industry influencers (KOLs).
On June 29, 2022, one of the world’s biggest NFT marketplaces, OpenSea, informed its users about a data breach. This occurred as a result of an employee at Customer.io, their email automation service, inadvertently leaking a list of OpenSea customer emails to an external entity.
If you’ve previously provided your email to OpenSea, consider yourself possibly affected. We’re collaborating with Customer.io during their current probe, and we’ve already notified relevant law enforcement about this event. (This was stated earlier.)
Preventing phishing scams
23pds recommends anyone suspecting an email leak to establish robust, distinct passwords and keep them safe by using a reliable password management tool.
It’s suggested that you implement two-factor authentication (2FA) whenever feasible, preferably using an authenticator app instead of the SMS-based method, and remember to always keep your device software up-to-date.
2024 saw phishing scams as a major security concern, with cybercriminals successfully stealing approximately $1 billion worth of digital assets across 296 separate incidents, as reported by CertiK.
Last year, phishing was the most expensive method used in cyber attacks, according to a representative from CertiK. However, it’s important to note that our estimates might be understated since they don’t account for unreported incidents and other forms of phishing such as pig butchering.
Read More
- OM/USD
- Carmen Baldwin: My Parents? Just Folks in Z and Y
- Jellyrolls Exits Disney’s Boardwalk: Another Icon Bites the Dust?
- Solo Leveling Season 3: What You NEED to Know!
- Solo Leveling Season 3: What Fans Are Really Speculating!
- Despite Strong Criticism, Days Gone PS5 Is Climbing Up the PS Store Pre-Order Charts
- Netflix’s Dungeons & Dragons Series: A Journey into the Forgotten Realms!
- Joan Vassos Reveals Shocking Truth Behind Her NYC Apartment Hunt with Chock Chapple!
- The Perfect Couple season 2 is in the works at Netflix – but the cast will be different
- Disney’s ‘Snow White’ Bombs at Box Office, Worse Than Expected
2025-01-13 07:16