OpenSea Email Leak Exposed: Over 7 Million User Emails Now Public, Warns SlowMist

Millions of email addresses linked to OpenSea users have recently been fully exposed online after a 2022 data breach, putting users at greater risk of phishing and scam attacks, according to a warning from SlowMist.

The data leak, which originally occurred in June 2022, involved an employee of Customer.io, OpenSea’s email automation platform, leaking the email addresses to an external party. While the information was initially kept private, it has now been fully publicized, making it available to anyone with access, and heightening concerns among security experts.

SlowMist’s Chief Information Security Officer, known by the handle "23pds," posted a warning on January 13, alerting the public to the fact that over 7 million email addresses have now been exposed. This leak includes email addresses of notable individuals, companies, and key figures in the cryptocurrency and NFT sectors, who may be targeted by malicious actors.

“Remember the attack on OpenSea’s mail service provider in 2022 that led to the leakage of emails? The leaked email addresses have now been fully publicized after multiple disseminations,” 23pds wrote in a post on X (formerly Twitter).

In a statement to Cointelegraph, 23pds explained that although the breach occurred in mid-2022, the data had not been made public until recently. With the email list now in the wild, scammers and phishing groups have a new resource to target victims.

“Previously, it was not made public. Now all the leaked data has been made public in its entirety and is available to anyone who wants it,” 23pds added. A screenshot shared by SlowMist showed a Telegram message containing an attachment titled "opensea.io_mail_list.rar," which reportedly holds the compromised email list.

The leak not only affects regular OpenSea users but also includes the emails of many well-known figures in the cryptocurrency and NFT space. This creates a significant opportunity for scammers to exploit high-profile targets.

Details of the 2022 Breach

OpenSea, one of the world’s largest NFT marketplaces, initially alerted users to the breach on June 29, 2022, when it discovered that an employee at Customer.io had leaked the email list to an outside party. At the time, OpenSea warned customers, saying, “If you have shared your email with OpenSea in the past, you should assume you were impacted. We are working with Customer.io in their ongoing investigation, and we have reported this incident to law enforcement.”

While the breach was reported in 2022, the full public release of the leaked emails marks a new phase of heightened risk. With the information now widely available, attackers can use the email addresses for phishing campaigns, which have become one of the most significant security threats in the digital asset space.

Mitigating the Risk of Phishing Scams

In response to the breach, SlowMist’s 23pds urged affected individuals to take immediate steps to protect themselves. These include creating strong, unique passwords for all online accounts and using a password manager to securely store them. Additionally, enabling two-factor authentication (2FA) wherever possible is crucial, with 23pds recommending the use of an authenticator app over SMS-based 2FA for added security.

The rise of phishing scams has been a major concern in recent years, with attackers stealing over $1 billion worth of digital assets through 296 phishing incidents in 2024 alone, according to security firm CertiK. This figure is likely an understatement, as many phishing scams go unreported or are not categorized in official statistics.

“Phishing was the most costly attack vector last year,” a CertiK spokesperson told Cointelegraph. “Our figures are conservative, and the actual figure is higher when you consider unreported incidents and other types of phishing scams, like pig butchering.”

A Growing Threat to the Crypto Space

The OpenSea email leak underscores a broader issue in the cryptocurrency and NFT industries: the persistent threat of phishing attacks. With millions of email addresses now exposed, users of OpenSea and other platforms are urged to stay vigilant and proactive in securing their digital identities.

As the cryptocurrency and NFT sectors continue to grow, security will remain a critical concern for users and platforms alike. Stronger protections, clearer guidelines, and better security practices are essential to ensure the continued safety and trust of participants in the Web3 ecosystem.