OpenSea API Users Urged to Replace Keys Following Security Breach

By: Eva Baxter

A security breach involving a third-party vendor has prompted NFT marketplace OpenSea to issue a warning to its users, advising them to replace their application programming interface (API) keys. The company sent out an email notifying the potentially affected customers of this situation.

OpenSea, being the second-largest player in the non-fungible token (NFT) marketplace as of May 2023, accounts for 36.5% of the trading volume. Despite trailing behind Blur, OpenSea has been vigilant in addressing the recent security breach by instructing impacted users to cease using their current API keys by Monday, October 2 and replace them with new ones.

Even though the company assures that the breach isn't immediately impacting the platform's integrations, they express caution that any unauthorized third-party access might affect users' rate and usage limits. Furthermore, OpenSea has held back the details concerning the number of users affected and if any other data apart from API keys are compromised.

This incident echoes a similar breach with Nansen, an on-chain analytics platform, where users' blockchain addresses, password hashes and email addresses were exposed due to the compromise of a third-party vendor. These incidents underline the persistent security challenges faced by platforms like OpenSea in the rapidly expanding NFT marketplace.