Wednesday, 29 April 2015

Great Email Service SendGrid Hacked Account Via Employee

The major e-mail service SendGrid, which include e-mails sent to Pinterest, Uber, Foursquare, Hootsuite and Spotify, has warned customers that their data may be stolen. On 8 April, the SendGrid account of Coinbase hacked , a large Bitcoin exchange, and used to send phishing emails. At first thought SendGrid that it was an isolated incident.

Further investigation revealed that the account was hacked by a SenGrid employee and was used by a cyber criminal to approach various internal systems. These systems contained user names, email addresses and customize stretched and saved passwords. The cyber criminal could access servers with e-mail lists and addresses received from customers of the customers SendGrid. In theory, it could go to millions of users.

According SendGrid there is no evidence that this data is also captured. However, as a precaution decided to reset the passwords of all customers. In addition to resetting the passwords SendGrid customers will also generate their DKIM keys again. DKIM is a digital signature that verifies the domain where the emails were sent from. Because of the new DKIM keys will also be the DNS of the domain name must be modified. How not know the account of the employee could be hacked SendGrid late. However, the e-mail service will tighten security.

No comments:

Post a Comment