OpenSea data breach highlights NFT security vulnerabilities, says GlobalData

Following the news that non-fungible token (NFT) marketplace OpenSea has suffered a data breach;

Kaleb Ells, Analyst on the Thematic Team at GlobalData, a leading data and analytics company, offers his view:

“This mass data breach highlights that OpenSea is not yet providing the security fundamentals that are essential for attracting more users. Alongside the February phishing attack on OpenSea, this latest breach calls the NFT marketplace’s safety into question. Although no NFTs were stolen, scammers could now use the exposed email addresses to trick OpenSea users into making transactions, comparable with hoax requests for bank transfers. Cybersecurity must be a key area of focus for NFT marketplaces over the next few years to gain consumer trust, which is vital for mainstream adoption.

“Although ransomware represents the biggest threat to organizations today, insider threats still pose a challenge as the job market shifts in the wake of the pandemic. With many employees changing jobs, and companies trying to keep them by offering flexible working and vacation options, there is an increased risk of insider threat.

“According to VMware, the number of employees leaving their jobs (but potentially still having access to the corporate network or proprietary data) has created a headache for IT and security teams. Insider threats are a growing challenge for companies as they try to balance attrition, onboarding, and the use of non-sanctioned apps and platforms. In 2022, organizations are likely to establish new protocols and guidelines to try and protect their networks and sensitive data.

“Although NFTs have caused widespread media excitement, and the market has undergone huge expansion in recent years, NFT platforms currently face little regulation. These platforms must demonstrate that they offer secure and confidential trading opportunities to gain the users they need to grow.”

More Media