Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Email distribution service SendGrid admits it got hacked

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

April 28, 2015

Click here to order the best deal on a HP enterprise dedicated server and at a great price.

Marketing and email sending service SendGrid is asking customers to switch passwords after finally admitting it recently got hacked into its servers.

The decision follows the realisation that a previously reported hacking attempt is a bigger deal than previously thought of.

The initial alert was triggered after the SendGrid account of Bitcoin exchange Coinbase was compromised and abused to push a nasty phishing attack to thousands of users.

Overall, subsequent forensic and incident response work has revealed that hackers didn't just steal one set of account login credentials but also the whole login details of a SendGrid worker.

These intricate details were used to access usernames, email addresses, and passwords for SendGrid customer and employee accounts on at least three occasions during February and March of this year.

Hackers may also have snatched customers’ recipient email addresses and contact information, creating a heightened risk of more plausible phishing scams for the networks at large in the process.

The practical upshot of this is that all customer accounts are potentially at risk of hijacking, especially if weak passwords are in play, hence the mandatory switch-up of both passwords and DomainKeys Identified Mail (DKIM) keys.

Overall, a small minority of around 600 SendGrid customers have custom DKIM keys.

SendGrid boasts about 100,000 customers, including well-known internet firms such as Airbnb, Foursquare, Spotify and Uber.

Its cloud-based email delivery services handle everything from transaction confirmations to friend requests, sign-up confirmations and email newsletters.

SendGrid is apologizing to customers for the inconvenience caused by the hack and promised to improve the security of its systems including IP whitelisting and enhanced two-factor authentication, a company rep said.

The New York Times broke the story that Coinbase had its Sendgrid credentials compromised three weeks ago, back in early April.

Additionally, Sendgrid took issue with the New York Times for implying that it had suffered a platform-wide security breach, publishing a blog post decrying the report as "inaccurate".

David Campbell, chief security officer at SendGrid, has since been obliged to backtrack on those negative comments and admit that incident response experts have uncovered reasons to be concerned.

Source: SendGrid.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer