OpenSea Warns of Phishing Attacks Due to Data Breach

A third-party vendor’s employee misused their access to OpenSea’s customer data, the head of security said

article-image

Blockworks Exclusive Art by Axel Rangel

share

key takeaways

  • A Customer.io employee shared email addresses with an unauthorized external party
  • OpenSea warned users of fraudsters trying to impersonate the platform by using fake domain names

Collectibles platform OpenSea has alerted customers to a data breach after staff found email addresses were shared with an external party.

Head of Security Cory Hardman said in a blog post on Wednesday that an employee of Customer.io, OpenSea’s email delivery vendor, abused their access by downloading and externally sharing customer data. 

“If you have shared your email with OpenSea in the past, you should assume you were impacted,” he wrote. “We are working with Customer.io in their ongoing investigation, and we have reported this incident to law enforcement.”

The company further warned customers might face phishing attacks — attempts by cybercriminals posing as credible institutions with an aim to obtain sensitive information — by using a domain name similar to the official “opensea.io,” such as “opensea.org” or “opensae.io.”

Screenshots posted to Twitter show OpenSea notified customers about the data breach via email. Some users demanded compensation.

Loading Tweet..

Customer.io told Blockworks that the employee in question has been suspended and had access removed, pending an internal investigation. “We are working closely with OpenSea and are reviewing exactly how these email addresses were compromised,” a spokesperson for the vendor company said.

A similar incident occurred in March, when hackers breached third-party marketing vendor HubSpot to target large crypto stakeholders. NYDIG, Pantera Capital, BlockFi, Circle and Swan Bitcoin were among the affected companies.

OpenSea found itself in a sea of trouble thanks to another incident prior the data breach. The Department of Justice earlier this month charged its former head of product, Nathaniel Chastain, with insider trading in connection to non-fungible tokens (NFTs). He was charged with one count of wire fraud and another count of money laundering.

Chastain resigned from his position at OpenSea in September after he was suspected of profiting from inside information and purchasing NFTs before they were posted publicly.

OpenSea remains the leading marketplace by volume by a wide margin, with over six times the sales of the second-largest NFT marketplace over the past 30 days, according to data from DappRadar.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

Brooklyn, NY

SUN - MON, JUN. 22 - 23, 2025

Blockworks and Cracked Labs are teaming up for the third installment of the Permissionless Hackathon, happening June 22–23, 2025 in Brooklyn, NY. This is a 36-hour IRL builder sprint where developers, designers, and creatives ship real projects solving real problems across […]

recent research

Featured.png

Research

Helium stands at a pivotal moment in its evolution as a decentralized wireless network, balancing rapid growth, economic restructuring, and global expansion. With accelerated growth in domestic DAUs and Hotspots supporting its network, Helium is leveraging strategic partnerships and innovative proposals to scale internationally. The recent implementation of HIP 138, “Return to HNT,” has unified its token economy under HNT, simplifying participation and strengthening liquidity, while HIP 139’s phase-out of CBRS refocuses efforts on scalable Wi-Fi offload. Meanwhile, governance shifts under HIP 141 raise questions about centralization as Nova Labs consolidates control over the roadmap.

article-image

EVM bottlenecks fundamentally hold back Ethereum’s scalability

article-image

In 2011, WikiLeaks faced a financial blockade imposed by the US government. It was Bitcoin’s first major test.

article-image

Kado’s founder Emery Andrew spoke to Blockworks about the acquisition and what’s next for the team

article-image

LayerZero’s Bryan Pellegrino chatted with Blockworks about the firm’s next steps and its 10-year runway

article-image

Colosseum co-founder Matty Taylor is seeing “high-performance [Solana] founders showing a lot of interest in private trading technology”

article-image

Executives weigh the growth potential they see in the public stock and private credit/equities arenas