9 Jul 2022 [security]

Unstoppable Domains user email addresses exposed to unauthorized third party

A set of Unstoppable Domains1 user and subscriber email addresses were exposed to an unauthorized third party, after a reported security incident2 at Customer.io3:

Late last night, Customer.io informed us that the data extracted included email addresses that our users and subscribers provided to Unstoppable Domains.

The email vendor stated that the action was limited to a single employee:

We know this was a result of the deliberate actions of a senior engineer who had an appropriate level of access to perform their duties, and provided these email addresses to the bad actor.4

Users affected

According to UD, no other personal information was accessed.

Safety tips

This is an ongoing story and the report will be updated when new information is available.

  1. https://unstoppabledomains.com 

  2. https://unstoppabledomains.com/blog/security-incident-at-our-email-vendor 

  3. https://customer.io 

  4. https://customer.io/blog/update-to-compromised-email-addresses-incident/