OpenSea was a target of a vast phishing campaign that allowed hackers to steal from 32 accounts, including some very famous ones such as Bored Ape Yacht Club and Azuki.
A staff member at Customer.io, an email vendor contracted by OpenSea, misused their employee access to download and share email addresses of OpenSea’s users and newsletter subscribers with an unauthorized external party, the world’s largest NFT marketplace said.
Only email addresses were compromised in this data breach to run the phishing campaign.
Source: techcrunch.com, hightechwiki.com, Ziroh Alert (#ZirohAlert)
