More than 7 million OpenSea users are at risk after it was recently announced that email addresses were compromised in a 2022 data breach.

According to the chief information security officer at security firm SlowMist, 23pds, the leaked data significantly increases the risk of phishing and other attacks. On January 13 mailthe security researcher alerted members of the cryptocurrency community that the hacked data had been publicized several times before it was made public.

23pds added that the leaked data includes email addresses belonging to prominent figures in the cryptocurrency industry, such as former Binance CEO Changpeng “CZ” Zhao, in addition to well-known companies, key opinion leaders and other influential individuals, warning that it poses additional risks to privacy and security. Assets in the future cryptocurrency industry.

The email addresses in question have been hacked June 2022 Incident involving an employee at Customer.io, OpenSea's email delivery vendor, who abused his access to download and share email addresses provided by OpenSea users and newsletter subscribers with an unauthorized third party.

At the time, the NFT market advised users to look out for phishing and impersonation attempts, and warned against downloading attachments or signing wallet transactions from email links, adding that all official communications would only come from “opensea.io.” specialization.

As one of the largest NFT markets, OpenSea users have been Targeted By phishing scammers on several occasions.

Just months after the data leak, in December 2022, the blockchain security platform was discovered I alerted Users reported that the attackers were using phishing sites to exploit OpenSea's gas-free transactions feature. Victims were tricked into signing incomprehensible signature requests, which inadvertently allowed for private sales or instant transfer of valuable NFT tokens to the attackers' account.

In November 2023, the developers of OpenSea Targeted Through phishing campaigns, including fake developer account risk alerts, leading some experts to believe that developer contact information may have been compromised.

Likewise, in January 2024, scammers Emails sent To OpenSea users promising an exclusive limited edition NFT event in collaboration between Nike and RTFKT. The email claimed that the recipients were among 400 selected participants, and included a link to “Mint RTFKT Now,” which reportedly directs victims to a malicious website designed to steal wallet information or funds.

Phishing scams remain a Big threat Cryptocurrency enthusiasts love it due to the many forms it comes in, making it difficult to trace and difficult to block effectively. Experts advise users to remain vigilant by checking email sources, avoid clicking on unknown links, enable two-factor authentication, and never share private wallet keys or sensitive information online.