The Sandbox has notified its users that an unauthorized third party gained access to one of the company’s employee’s computers on February 26, 2023. The hackers subsequently used the information they found to send fraudulent emails posing as The Sandbox. The metaverse company has taken prompt action to inform its users of the breach, and retained the compromised account.
The email sent by the hackers was titled “The Sandbox Games (PURELAND) Access,” and contained malicious hyperlinks that could remotely install unauthorized programs on users’ computers. The Sandbox has confirmed that the hackers only accessed one employee’s computer, and that the breach was likely due to a malware application. The company has further reassured users that the hackers could not access any other services or accounts of The Sandbox.
In response to the breach, The Sandbox quickly informed known recipients of the fraudulent email, advising them not to click or download anything from it. The company also blocked the employee’s account and access to The Sandbox, reformatted the employee’s laptop, and reset all related passwords, including two-factor authentication. The Sandbox is currently monitoring the situation and working with its team to strengthen its security practices.
This event underscores the importance of due diligence and taking necessary measures to safeguard against hacks and breaches in the web3 space, even for industry leaders like The Sandbox.