SendGrid urges its customers to change their password

SendGrid, an email service used by billions of companies, including Bitcoin exchange Coinbase, has urged its customers to change their passwords after attackers compromised an employee's account in order to steal the usernames, email addresses and (hashed) passwords of customer and employee accounts.

It has also asked customers to enable the multi-factor authentication the company offers to protect their accounts.

SendGrid said it is adding more authentication methods for its two-factor security. It is also working to expedite the release of API keys, which will allow customers to use keys instead of passwords when sending email.

The company announced the breach several weeks after it made sure that only one account had been hacked.

According to an April 9 report in The New York Times, Coinbase had its SendGrid credentials compromised. The hackers were using the access to launch phishing attacks against Bitcoin businesses.

“The story has now been updated in order to show that a single SendGrid customer account was compromised,” SendGrid wrote in a blog post.

According to David Campbell, SendGrid’s chief security officer, the company carried out an investigation in collaboration with law enforcement and FireEye’s (Mandiant) Incident Response Team. The investigation found that a SendGrid employee’s account had been compromised by a cyber criminal and used to access several of the company’s internal systems on three separate dates in February and March 2015.

He added that these systems contained usernames, email addresses, and passwords for SendGrid customer and employee accounts. The investigation suggested that the cyber criminal accessed servers that contained some of their customers’ recipient email lists/addresses and customer contact information.

“We have not found any forensic evidence that customer lists or customer contact information was stolen. However, we are implementing a system-wide password reset as a precaution. Because SendGrid does not store customer payment cards and we know that payment card information was not involved,” he wrote in the blog post.

As SendGrid manages emails of thousands of companies, including some big brand names, like Pinterest, Spotify and Uber, it has become a major target of spammers.