At this time all email sending has returned to normal. We have stopped the sending of forged SPAM/malware emails. We have re-sent all backlogged emails from the past 6 hours.
The initial cause of this problem was the abuse of a publicly available emailing system that allowed a user to send emails from our address with a message of their choosing to a list of addresses of their choosing. The perpetrator(s) used this function to send malicious emails that appeared to come from "email@example.com
". We have disabled this functionality to prevent abuse in the future.
At this time, we do not have any reason to believe that any sensitive data from inside our systems was taken. Nor did any attacker have access to any part of our internal network. No customer or financial data was exposed.
We'll be writing and releasing a complete post-mortem of the outage and what steps we're taking to prevent further issues in the future. You can expect to see that in the coming days.
As always, if you have any questions, please contact us at firstname.lastname@example.org
. Thank you for your trust and business.