Registering Your Site With Unauthorized Third Party

Faye Kyzer

Related Practices & Jurisdictions OpenSea have reported a breach whereby email addresses registered with the site have been shared with an unauthorised third party. For landlubbers, OpenSea is the world’s largest marketplace for non-fungible tokens (NFTs). The Head of Security at OpenSea identified an employee of OpenSea’s third party email […]

OpenSea have reported a breach whereby email addresses registered with the site have been shared with an unauthorised third party.

For landlubbers, OpenSea is the world’s largest marketplace for non-fungible tokens (NFTs).

The Head of Security at OpenSea identified an employee of OpenSea’s third party email delivery vendor as the source of the breach. The employee reportedly misused their access privileges to download and share the list of the site’s registered email addresses with an external party.

People who have shared an email address with OpenSea, such as subscribers to the site’s newsletter, are warned to remain vigilant about attempts by malicious parties to impersonate communications from OpenSea.

OpenSea has dealt with several security incidents this year. Only a month ago, a former OpenSea product manager was arrested and is reportedly the first person to have been charged in connection with a digital asset insider trading scheme. The product manager’s responsibilities included deciding which NFTs would be featured on the site’s homepage, which he allegedly used for his own financial gain. When OpenSea had discovered his conduct in September 2021, OpenSea requested and accepted the product manager’s resignation. Immediately afterwards, OpenSea commissioned a third party review of the incident and implemented the review’s recommendations to strengthen their existing policies.

In May this year, OpenSea’s Discord server was hacked. Just a few months earlier, 254 NFTs valued at around $1.7million USD were stolen through what appear to have been phishing attacks. OpenSea has reportedly reimbursed the victims.

These incidences highlight the status of NFT marketplaces as high value targets for malicious actors and reveals that many of the security vulnerabilities faced in the ‘old’ world of cyber technology remain a threat in the new world of blockchain and NFTs.

Once again, these incidents serve as a reminder for organisations to develop effective cyber security risk management, which requires an approach that encompasses all security vulnerabilities and that includes mechanisms governing employee access and use of sensitive information.


Copyright 2022 K & L Gates
National Law Review, Volume XII, Number 208

Next Post

The metaverse is making significant strides in the business world

Two thirds of organizations are using technologies such as augmented and virtual reality, blockchain, cryptocurrencies and NFTs, according to a new PwC survey. Image: Adobe Stock Metaverse-related technologies are beginning to offer significant business opportunities, a new study from PwC finds. Sixty-six percent of executive respondents report their companies are […]
The metaverse is making significant strides in the business world

Subscribe US Now

judi bola judi bola AgenCuan merupakan salah satu situs slot gacor uang asli yang menggunakan deposit via ovo 10 ribu, untuk link daftar bisa klik http://faculty.washington.edu/sburden/avm/slot-dana/. bd slot Slot Thailand pragmatic play idn poker idn poker slot online akun pro thailand