The famous metaverse company, The Sandbox, alerts users of a security breach on one of its worker’s computers by a hacker who sent phishing emails to several users.
Employee computer hacked
The Sandbox reported a security breach on a blog post indicating that one of the employee computers was accessed by an unknown individual who used it to send emails to users.
The email labeled “The Sandbox Game (PURELAND) Access,” sent to users, contained hyperlinks leading those who clicked on them to malware capable of accessing personal data. However, the announcement did not say the number of users affected by the email.
In the statement, the company assured its users that the third party accessed only a single computer, not any other machine or The Sandbox account. The hacker accessed the email addresses of users, but there was no indication of any financial losses.
By the time of reporting, the company proclaimed they had already changed the employee’s computer user passwords and notified the affected users about the incident.
The Sandbox team informed users to be aware of any phishing activities arising from the breach. The company cautioned users “not to click, download or play any property from the hyperlinks embedded on the email.” Using stronger passwords and implementing two-factor authentication together with refraining from the hyperlinks sent would be the best ways to escape the attack, according to The Sandbox post.
A quick response
The company acted with urgency to avert the attack by cautioning the affected users through email, blocking the account used by the hacker, resetting passwords, and enabling two-factor authentication. They also wiped clean the affected computer and installed a new operating system.