Update on the Instagram breach

The Sandbox
The Sandbox
Published in
2 min readAug 5, 2022


Thank you for being a part of The Sandbox community. We constantly strive to keep you safe — both by working with our security partners such as Brandshield and Ledger and by educating you to follow best practices to keep your account and wallet secure. By working together, we can all keep the metaverse safe!


  • The Sandbox Instagram account was briefly compromised on August 4, 2022.
  • We quickly become aware of the breach and contacted Instagram to deactivate the account until we recovered control.
  • We immediately informed our community of the breach while we worked with our security partners to investigate and resolve the issue. Among them, brandshield took down the scam URL, and OpenSea flagged compromised NFTs.
  • We are constantly on guard against phishing attacks and brand impersonators
  • We strongly encourage our community to remain vigilant and follow best practices for account and wallet security, as outlined in this article


On August 4, 2022 at 07:59am UTC, The Sandbox’s official Instagram account was compromised, and a phishing link was posted by the perpetrators. We became aware of the breach at 08:00am UTC, immediately deactivated the Instagram account, and contacted Instagram to retrieve access to it.

We also immediately informed our community across our communication channels and instructed them to remain vigilant as we worked on resolving the issue with Brandshield and Ledger, our security partners. Based on our current research, the impact of the phishing attack is limited and we are working to identify anyone who was affected. According to the information we have, only a few people clicked the link — but any number above ‘0’ is too many.

What we did to fix it

The trust of our community is paramount for us and we are taking steps to further secure our social accounts. We are currently reviewing our security logs and internal processes to reinforce security across all of our platforms.

We quickly became aware of the issue and shut down our Instagram account until it was secured. We are working with Brandshield and Ledger to identify additional security measures we can take beyond this single incident. If we have any additional updates, we will update this article to share them with our community as we believe in transparency.

Next steps

The Sandbox remains proactive in preventing phishing attacks and brand impersonators, constantly operating in strategic partnership with our partners such as Brandshield and Ledger to safeguard the integrity of our ecosystem and react swiftly in case of compromise.

This event serves as a reminder that we must never let our guard down. Because of our profile, hackers and phishers will constantly try to test us. However hard they try, we’ll work even harder to keep your accounts — and ours — secure.

To learn more on account and wallet security, please visit: https://sandboxgame.gitbook.io/the-sandbox/account-wallet/account-and-wallet-security

If you believe your account was compromised, please visit: https://sandboxgame.gitbook.io/the-sandbox/account-wallet/account-and-wallet-security/compromised-wallet

Stay safe everyone! ❤