OpenSea Warns of Phishing Attacks Due to Data Breach

A third-party vendor’s employee misused their access to OpenSea’s customer data, the head of security said

article-image

Blockworks Exclusive Art by Axel Rangel

share

key takeaways

  • A Customer.io employee shared email addresses with an unauthorized external party
  • OpenSea warned users of fraudsters trying to impersonate the platform by using fake domain names

Collectibles platform OpenSea has alerted customers to a data breach after staff found email addresses were shared with an external party.

Head of Security Cory Hardman said in a blog post on Wednesday that an employee of Customer.io, OpenSea’s email delivery vendor, abused their access by downloading and externally sharing customer data. 

“If you have shared your email with OpenSea in the past, you should assume you were impacted,” he wrote. “We are working with Customer.io in their ongoing investigation, and we have reported this incident to law enforcement.”

The company further warned customers might face phishing attacks — attempts by cybercriminals posing as credible institutions with an aim to obtain sensitive information — by using a domain name similar to the official “opensea.io,” such as “opensea.org” or “opensae.io.”

Screenshots posted to Twitter show OpenSea notified customers about the data breach via email. Some users demanded compensation.

Loading Tweet..

Customer.io told Blockworks that the employee in question has been suspended and had access removed, pending an internal investigation. “We are working closely with OpenSea and are reviewing exactly how these email addresses were compromised,” a spokesperson for the vendor company said.

A similar incident occurred in March, when hackers breached third-party marketing vendor HubSpot to target large crypto stakeholders. NYDIG, Pantera Capital, BlockFi, Circle and Swan Bitcoin were among the affected companies.

OpenSea found itself in a sea of trouble thanks to another incident prior the data breach. The Department of Justice earlier this month charged its former head of product, Nathaniel Chastain, with insider trading in connection to non-fungible tokens (NFTs). He was charged with one count of wire fraud and another count of money laundering.

Chastain resigned from his position at OpenSea in September after he was suspected of profiting from inside information and purchasing NFTs before they were posted publicly.

OpenSea remains the leading marketplace by volume by a wide margin, with over six times the sales of the second-largest NFT marketplace over the past 30 days, according to data from DappRadar.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Research Report Templates (2).png

Research

We’re bullish on the PUMP token. We believe Pump.fun's brand strength, existing integrations, product roadmap, and strategic levers justify PUMP's TGE valuation, and expect the token to re-rate meaningfully higher in the months ahead.

article-image

Data shows frontrunning has declined on the network compared to last year

article-image

Industry watchers weigh in on what’s coming for bitcoin, M&A and tokenization before the year wraps

article-image

“We are open 24/7/365, but good luck getting an employee to pick up.”

article-image

BitVM3’s “garbled circuit” approach faces critical security and scaling research before it will be practical

article-image

Big blockers wasted a bitcoin fortune trying to prove a point

article-image

Coinbase’s newest acquisition includes the CEO and Head of Research from Opyn