ADVERTISEMENT

MailChimp, Mailgun, and Sendgrid API leak endangered over 54m users

Leaked API keys of three popular email service providers allowed threat actors to perform various unauthorized actions such as sending emails, accessing mailing lists and personal data, deleting API keys, and modifying two-factor authentication, hence putting 54 million users at risk.

Image from Shutterstock

Image from Shutterstock

Paulina Okunytė
Paulina Okunytė Senior Journalist
Dec 22, 2022 Updated: 22 December 2022 3 min read

Mailchimp's users' private data could be accessed

Screenshot from CloudSek's Report
Screenshot from CloudSek's Report
ADVERTISEMENT

Mailgun's data could be used for phishing attacks

SendGrid's APIs could be used to hijack accounts

Keeping APIs safe

ADVERTISEMENT