Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security

Employee Shared OpenSea User Email Addresses With an 'Unauthorized' Party (protocol.com) 8

An employee working for OpenSea's email delivery vendor misused their customer data access to download and share email addresses with an "unauthorized external party," the NFT marketplace wrote in a company blog post Wednesday. The employee worked for Customer.io. From a report: OpenSea said customers who have shared their emails in the past "should assume" they were affected and will receive an email from opensea.io with more information. Customer.io launched an investigation into the issue, and the incident was reported to law enforcement. "Your trust and safety is a top priority," OpenSea wrote. "We wanted to share the information we have at this time, and let you know that we've reported the incident to law enforcement and are cooperating in their investigation."
This discussion has been archived. No new comments can be posted.

Employee Shared OpenSea User Email Addresses With an 'Unauthorized' Party

Comments Filter:
  • by suss ( 158993 ) on Thursday June 30, 2022 @10:36AM (#62662344)

    Apparently OpenSea [wikipedia.org] is one of those NFT marketplaces. Ongoing shady practices from a shady business, alledgedly, ofcourse.

    • by tlhIngan ( 30335 )

      Ongoing shady practices from a shady business, alledgedly, ofcourse.

      Well, if you're running a well known scam, and you have a list of people who fell for the scam, you have a valuable list of marks. So it's more of a wonder why it hasn't been shared earlier because if you can get someone to spend a fortune on NFTs, you might as well plunder them for more NFTs.

  • The list of OpenSea (an NFT marketplace) user emails is a database of incredible value.

    It is full of valid emails for people with lots of money to burn (since they are OpenSea users) and who have proven to be naïve enough to fall into the most basic scam (since they are OpenSea users).

    For nigerian scammers, this is a gold mine.

    • It's also a possible link from whatever IP they used to conduct the NFT transaction with to a name. Which in turn could unmask VPN endpoints, and bitcoin wallets. Fun stuff just got leaked, I'm sure the eyes are having a field day.
  • A reminder that every a company says "Your trust and safety is a top priority," or "We take security very seriously"

    Your data has already been stolen.

  • Thank goodness blockchain has led us to this decentralized utopia, where no one point of vulnerability exists!

No spitting on the Bus! Thank you, The Mgt.

Working...