

SendGrid Email Breach Was Used to Attack Coinbase, a Bitcoin Exchange - danso
http://bits.blogs.nytimes.com/2015/04/09/sendgrid-email-breach-was-used-to-attack-coinbase-a-bitcoin-exchange/

======
Pyxl101
TL;DR:

> Hackers targeted SendGrid, a mass email service used by 180,000 companies
> including Uber, Pinterest, Spotify and Foursquare, to infiltrate Coinbase,
> one of the most popular Bitcoin exchanges.

> Nate Daiger, a co-owner of ChunkHost, said that a hacker had managed to
> persuade a SendGrid employee to change his company’s account information
> over the phone, took over ChunkHost’s account and reset passwords for two of
> its Bitcoin-related clients in an apparent attempt to steal Bitcoin wallets.

\--

> Mr. Daiger said this was the second time his company was targeted by hackers
> through SendGrid. When Mr. Daiger tried to warn other SendGrid customers
> about the potential security hole in a blog post, he said that he was asked
> by SendGrid to retract his post. He refused.

~~~
Pyxl101
Found the blog post referenced by the article:

[https://chunkhost.com/blog/15%2Fhuge_security_hole_in_sendgr...](https://chunkhost.com/blog/15%2Fhuge_security_hole_in_sendgrid)

> However, it turns out that [SendGrid's security] policy was ignored this
> weekend, and someone managed to convince Sendgrid over the phone to change
> the email address on the account. We got an email from them, but by that
> point it was already too late. The hacker had logged into Sendgrid and taken
> control.

> He had registered a domain, chunkhost.info, and “Would you please change our
> email from support@chunkhost.com to support@chunkhost.info?” sounded
> convincing enough that Sendgrid went through with it without bothering to
> verify anything.

