-
Over 7 million email addresses from a 2022 OpenSea breach are now publicly exposed, escalating phishing risks.
-
Users face heightened risks of phishing attacks as malicious actors could exploit the leaked data.
-
SlowMist urges users to enable two-factor authentication and update passwords to mitigate threats.
Nearly 7 million OpenSea email addresses from a 2022 breach become public, increasing phishing threats; users advised to enhance security measures.
Crypto Users at Risk After 7 Million OpenSea Emails Go Public
In a tweet on January 13, blockchain security firm SlowMist’s chief information security officer (CISO) confirmed that the leaked email addresses have now been made public.
“Remember the attack on the OpenSea mail service provider in 2024 that led to the leakage of emails? The leaked email addresses have now been fully publicized after multiple disseminations. Please be aware of the risks associated with phishing emails and other potential cyberattacks,” the SlowMist executive stated.
According to a screenshot shared by the executive, former Binance CEO CZ’s emails were also included in the leaked data.
Screenshot Showing CZ’s Details in Leaked Data. Source: 23pds
The initial breach in 2022 was caused by an employee of Customer.io, the email automation service used by OpenSea. The employee reportedly exploited their access to user data and shared it with an external party, resulting in the leak.
At that time, OpenSea warned users of the phishing threat and advised caution when interacting with unsolicited emails.
Despite the breach occurring nearly three years ago, the exposed data remained undisclosed until recently. With over 7 million email addresses now fully public, the potential for malicious actors to launch phishing campaigns is significantly higher. Depending on the extent of the exposure, this leak could also involve other personal details.
OpenSea has yet to comment directly on this recent development. As a result, OpenSea users, including those holding significant assets, face greater risks of being targeted by scammers.
Adding to the concern, crypto phishing attacks in 2024 led to losses totaling $500 million, impacting over 330,000 wallets.
Furthermore, hackers are actively attempting to gain control of companies’ X accounts to deceive users. Earlier this month, Litecoin reported unauthorized access to its official X account, where fraudulent content was posted, including information about fake tokens.
To counter the increased threat, SlowMist recommends that affected users change their passwords immediately and enable two-factor authentication on all accounts.
Conclusion
The public exposure of over 7 million email addresses from the 2022 OpenSea breach poses significant risks to crypto users, particularly in terms of potential phishing attacks. As the situation evolves, users need to exercise caution and enhance their security measures to protect their personal information and assets.
