CZ's personal information exposed in Opensea hack

In the crypto market, the security of personal information is not only a basic requirement, but also a core foundation for building trust between the project and the community.

On the morning of January 13, user X @23pds reported that an attack on OpenSea's email service that took place in 2022 caused more than 7 million email addresses to be leaked. At the moment, this entire email list has been fully made public after multiple dissemination.

The list includes emails from many well-known individuals in the cryptocurrency industry, such as CZ, the founder of Binance, along with major companies and influencers (KOLs) in the field.

23pds (山哥)

@im23pds

·Follow

💥记得 2024 年 OpenSea 邮件服务商遭攻击导致邮件泄露的事件吗？经过多次传播，目前泄露的邮件地址已被完全公开。请务必注意相关风险，警惕钓鱼邮件和其他潜在的网络攻击！ @cz_binance 邮件地址也在其中:-) Remember the attack on the OpenSea mail service provider in 2024 that led to the…

1:02 AM · Jan 13, 2025

Read 10 replies

The incident has raised major concerns about email phishing campaigns and potential cyber attack risks for the cryptocurrency community. Security experts, including SlowMist, have advised users to be wary of suspicious emails and be cautious to avoid falling victim to phishing attacks.

Although the event occurred in 2025, signs of similar attacks have appeared earlier. Back in June 2022, OpenSea recorded a major attack on their email service, in which an employee at Customer.io was found to be taking advantage of access to download OpenSea users' emails.

Opensea had to move to a new smart contract after being hacked in 2022. Source: Certik.

These emails are then used to carry out large-scale phishing campaigns, targeting OpenSea users with fake emails.

In the same year 2022 but in February, another sophisticated phishing attack occurred when OpenSea users received an email calling for an update to the NFT listing on the platform. This email led the victims to visit a fake website, where they inadvertently signed the right to allow the transfer of NFTs to the attacker's wallet.

The incident caused massive damage with 28 compromised wallets, resulting in the theft of over $2 million worth of NFTs, including prominent NFTs such as Bored Ape Yacht Club and Mutant Ape Yacht Club. The attacker then transferred 1,105 ETH (about $2.7 million at the time) into Tornado Cash to clear the trail.

Fake phishing emails sent by hackers to users. Source: Certik.

Although OpenSea immediately warned users about the risk of phishing after the attacks, phishing campaigns continued. In August 2022, a fake MetaMask email was sent to users, asking them to enter the seed phrase to “restore” the account.

This is another attack method in which hackers target the collection of security keys instead of tricking users into signing the right to transfer assets as in previous cases.

The link will lead to the fake website containing the fake extension. Source: Certik.

2022 also saw a series of attacks targeting the Discord servers of NFT projects. According to statistics, there are more than 730 Discord servers compromised, in which attackers use phishing methods to get users to sign rights to transfer NFTs without realizing the risk. These attacks highlight the growing sophistication of threats to users in the NFT space.

From the above cases, it is important for users to be aware that crypto wallets do not need to be directly compromised as assets can also be stolen. Most phishing attacks hit on victims' invigilance, tricking them into signing off on critical access rights.

To protect assets, users need to thoroughly verify the origin of the emails received and avoid clicking on unreliable links. Always check the signing requests before making them and follow up on announcements from official channels from the project, in order to be alerted in time to the potential risks in the crypto sector as a whole.