Email distribution service SendGrid admits it got hacked
April 28, 2015
Marketing and email sending service SendGrid is asking customers to change their passwords after finally admitting that its servers were recently hacked.
The decision follows the realisation that a previously reported hacking attempt was more serious than first thought.
The initial alert was triggered after the SendGrid account of Bitcoin exchange Coinbase was compromised and abused to push a nasty phishing attack to thousands of users.
Subsequent forensic and incident response work has revealed that hackers didn't just steal one set of account login credentials but also the login details of a SendGrid employee.
These details were used to access usernames, email addresses, and passwords for SendGrid customer and employee accounts on at least three occasions during February and March of this year.
Hackers may also have snatched customers’ recipient email addresses and contact information, raising the risk of more plausible phishing scams across networks at large.
The practical upshot is that all customer accounts are potentially at risk of hijacking, especially if weak passwords are in play, hence the mandatory change of both passwords and DomainKeys Identified Mail (DKIM) keys.
Overall, a small minority of around 600 SendGrid customers have custom DKIM keys.
SendGrid boasts about 100,000 customers, including well-known internet firms such as Airbnb, Foursquare, Spotify and Uber.
Its cloud-based email delivery services handle everything from transaction confirmations to friend requests, sign-up confirmations and email newsletters.
SendGrid has apologized to customers for the inconvenience caused by the hack and promised to improve the security of its systems, including IP whitelisting and enhanced two-factor authentication, a company rep said.
The New York Times broke the story that Coinbase had its SendGrid credentials compromised three weeks ago, back in early April.
At the time, SendGrid took issue with the New York Times for implying that it had suffered a platform-wide security breach, publishing a blog post decrying the report as "inaccurate".
David Campbell, chief security officer at SendGrid, has since been obliged to backtrack on those negative comments and admit that incident response experts have uncovered reasons to be concerned.