Insider incident affected nonfungible token (NFT) marketplace

05.07.2022

This time, one of the largest nonfungible token (NFT) marketplace experienced an insider related data leak. OpenSea company’s email list, which includes email addresses of users and subscribers to newsletter, was illegally accessed and downloaded by an employee of Customer.io, one of OpenSea’s email vendors. 

It seems that the attack’s aim is to gain financial benefit. The stolen database may be used in targeted phishing attacks. Thus, anyone, who has ever shared email with the OpenSea, may be affected in the future. The overall number of OpenSea’s users is close to 2,000,000.

The company’s officials provided recommendation for protection against intruders’ malicious actions and they stated that “malicious actors may try to contact you using an email address that looks visually similar to our official email domain, ‘opensea.io’ (such as ‘opensea.org’ or some other variation)”. As company representatives told the victims, that they had already reported to law enforcement and cooperating in the investigation process.  

This attack shouldn’t be neglected by NFT market actors, and by any other organization as well. This incident is just another “reminder” that insider related risk is an everlasting threat for any kind of commercial and non-commercial organizations. 

In terms of practical recommendation for any kind of organizations in such circumstances, we can suggest the following. First, try to stay up-to-date, learn about new information security threats and educate employees on the topic of information security. Try to implement complex approach to security. However, it’s impossible to cope with all threats without assistance of specific InfoSec software. You must be aware of your data assets – make sure that they are kept appropriately, in compliance with safety policies, set in the organization. Distinguish accesses in order to prohibit access to crucial and confidential data for third-party users. These tasks may be solved with the help of DCAP solution. SIEM system will help to protect log information against tampering and unauthorized access. DLP system will help to block the process of illegal confidential data transmitting.