SendGrid, an email service used by thousands of companies, reports that its servers have been hacked since February.
The company issued a report :
we became aware that a SendGrid employee’s account had been compromised by a cyber criminal and used to access several of our internal systems on three separate dates in February and March 2015.”
“These systems contained usernames, email addresses, and (salted and iteratively hashed) passwords for SendGrid customer and employee accounts.
“In addition, evidence suggests that the cyber criminal accessed servers that contained some of our customers’ recipient email lists/addresses and customer contact information.”
“We have not found any forensic evidence that customer lists or customer contact information was stolen. However, as a precautionary measure, we are implementing a system-wide password reset”.
Upon discovery of the breach, the company says it “took immediate actions to block unauthorized access and deployed additional processes and controls to better protect our customers, our employees, and our platform”.
