7 Million OpenSea User Emails Leaked Online
The 2022 OpenSea data breach exposed millions of user email addresses, but the data wasn’t made public until January 2024, sparking renewed concerns.
On this page
More than 7 million email addresses from OpenSea’s 2022 data breach have now been leaked online, creating new opportunities for scammers to exploit user information. Cybersecurity expert 23pds from SlowMist confirmed the development, warning of its implications.
Remember the attack on the OpenSea mail service provider in 2024 that led to the leakage of emails? The leaked email addresses have now been fully publicized after multiple disseminations,
23pds shared in a tweet on January 13.
In an interview with Cointelegraph, 23pds clarified that while the data breach occurred in June 2022, the leaked information has only recently been made publicly available. This delayed release gives malicious actors new opportunities to target users with phishing schemes and fraudulent activities.
A scammer’s golden rule is simple: the more personalized the message, the easier it is to fool the victim. Leaks like this make the job of social engineers and fraudsters significantly easier.
Related: Social Engineering in Crypto: Top 5 Fraud Schemes
The leaked data could become a valuable tool for cybercriminals. Scammers may exploit the email addresses to conduct phishing attacks, sending fake emails that appear to be from well-known figures or companies in the cryptocurrency industry.
In a media interview, cybersecurity expert 23pds shared a screenshot of a Telegram message containing a file named “opensea.io_mail_list.rar,” allegedly holding 7 million records. According to 23pds, the leak includes email addresses of numerous cryptocurrency professionals, including prominent individuals, companies, and key opinion leaders (KOLs) in the industry.
The 2022 OpenSea Data Breach: What Happened
On June 30, 2022, OpenSea, the largest NFT marketplace, warned its users about a major data breach. The incident occurred when an employee of Customer.io, the email platform used by OpenSea, leaked a list of customer email addresses to an unauthorized third party.
The breach affected all users who had provided their email addresses on the platform, whether for account registration or to subscribe to newsletters.
The community responded swiftly to the incident, expressing serious concerns about the data breach and calling for enhanced security measures on the platform.
Many users highlighted that such breaches could undermine trust in OpenSea and expose active NFT traders to heightened risks.
Criticism also emerged regarding OpenSea’s handling of user data protection. On social media, users demanded stricter oversight of who has access to sensitive information, emphasizing the need for greater accountability and improved safeguards to prevent similar incidents in the future.
The content on The Coinomist is for informational purposes only and should not be interpreted as financial advice. While we strive to provide accurate and up-to-date information, we do not guarantee the accuracy, completeness, or reliability of any content. Neither we accept liability for any errors or omissions in the information provided or for any financial losses incurred as a result of relying on this information. Actions based on this content are at your own risk. Always do your own research and consult a professional. See our Terms, Privacy Policy, and Disclaimers for more details.
Articles by this author
