OpenSea reimbursed affected users more than $1.9 million

The OpenSea Marketplace reimbursed a total of 750 ETH (~$1.95 million at the time of writing) to users who suffered losses due to a vulnerability in the platform’s NFT listings feature.
This writes Bloomberg, citing the company. On December 31, 2021, the founder of the project freshdrops pointed out a bug that allows users to buy high-value tokens at reduced prices.
OpenSea has a term asset listing mechanism – tokens are delisted after a selected period of time. However, prior to the introduction of this mechanism, NFT delisting was done manually and required additional gas fees, which in some cases could be quite high.
In order to avoid paying the fee, users found a way out – when a token is transferred to a third-party wallet and back to the original wallet, it stops showing up in the OpenSea interface. But in this situation, the delisting is not confirmed in the blockchain, so NFTs remain available for purchase through the API that platforms like Rarible use.
This allowed tokens to be redeemed at old prices, well below their current value. To fix the problem, OpenSea launched a review and cancellation feature, reduced the default listing duration from six months to one month, and notified users to delist.
The latter measure was criticized in the community. A collector with the nickname Dingaling emphasized that OpenSea’s instructions “make it easier to execute an exploit.” According to him, you first need to transfer assets to a third-party wallet.

OpenSea also said it was "actively engaging with the victims and reimbursing them." In a conversation with Bloomberg, collector Robert Garcia said his NFT Mutant Ape Yacht Club was sold by mistake for 4.7 ETH (~$12,200). The company reimbursed him 13.8 ETH (~$35,880).
As a reminder, OpenSea's mistake led to the destruction of 42 NFTs worth $100,000 in September 2021.