Several BAYC and CryptoPunks collectors who put up their tokens as collateral backing for Ethereum loans have been unable to settle their dues. Crypto analysts believe this could mark the onset of the first major liquidation crisis in the NFT industry. BendDAO Loans and Possible Risks Rumors of a liquidation spiral began earlier this week following a post about NFT lending platform BendDAO. BendDAO is a web3 protocol that allows users to take out loans in Ethereum using their non-fungible…
NFT marketplace OpenSea informed its users of possible phishing attacks, following a data breach exposing customer emails. Notably, the company has been at the center of attacks and controversies in recent months.
Concerns over Customer Security
Open Sea in a blog post revealed that an employee of Customer.io, OpenSea’s email vendor, abused their privileges. The errant employee downloaded and shared customer data with an authorized third party. In light of the development, OpenSea warned its customers of the potential vulnerability of the millions of leaked emails. “Please be aware of malicious actors,” the company wrote, imploring users to beware of phishing mails and similar.
Indeed, OpenSea’s customers have been a target of phishing attacks of late. And the latest breach appears to be potentially more serious. The leading marketplace has about 2 million active users who have made at least one purchase on the platform since its inception. The potential vulnerability of two million emails to bad actors is quite the dilemma.
If you have shared your email with OpenSea in the past, you should assume you were affected. We are working with Customer.io in their ongoing investigation, and we have also reported the matter to relevant authorities.’’
Vigilance against Phishing Scams
The company explained that cyber criminals may leverage the leaked data. Malicious actors could try to access sensitive information by posing as OpenSea itself. For example, the criminals may use domain names that are very similar to the official “opensea.io’’, such as “opensea.org’’, “opensae.io’’, or even “0pensea.io”.
While OpenSea’s team swiftly reached out to users, some of its customers were however not impressed with the development. OpenSea in past months has had an unfortunate history of phishing attacks. And some did not only remind the marketplace of this, they likewise demanded compensation.
Shaky First Half for OpenSea
A report from CryptoAdventure earlier in June revealed how a hacker compromised OpenSea’s Discord servers to push an NFT scam. Amid the milieu of scams and controversies, an ex-employee of the company was likewise charged with allegations of NFT insider trading. As a matter of fact, OpenSea began the year on a shaky note. The NFT marketplace refunded victims of a listing error of more than $1.8 million as early as January.
Considering the team’s swift move to take responsibility this time, OpenSea will hope there won’t be a repeat of these events.