Unstoppable Domains user email addresses exposed to unauthorized third party
A set of Unstoppable Domains1 user and subscriber email addresses were exposed to an unauthorized third party, after a reported security incident2 at Customer.io3:
Late last night, Customer.io informed us that the data extracted included email addresses that our users and subscribers provided to Unstoppable Domains.
The email vendor stated that the action was limited to a single employee:
We know this was a result of the deliberate actions of a senior engineer who had an appropriate level of access to perform their duties, and provided these email addresses to the bad actor.4
Users affected
- Unstoppable Domains newsletter subscribers
- anyone who made a purchase through Unstoppable Domains
According to UD, no other personal information was accessed.
Safety tips
- Never give away your private keys or passwords
- Never download attachments that claim to be from Unstoppable Domains
- Be cautious when clicking links in emails
- Exercise caution on messaging platforms and social media apps
This is an ongoing story and the report will be updated when new information is available.
-
https://unstoppabledomains.com ↩
-
https://unstoppabledomains.com/blog/security-incident-at-our-email-vendor ↩
-
https://customer.io ↩
-
https://customer.io/blog/update-to-compromised-email-addresses-incident/ ↩