Their previous marketing mails were send using Amazon SES. Just like this one successfully signed with DKIM. Looks like the hacker had access to their Amazon SES credentials.
IANAL, but I'm at least curious whether they'd be willing to take someone to court when the discovery process would likely involve documenting claims of false advertising. Whistleblower laws might also apply. Will be fascinating to watch.
I don't think in India, where Browserstack is based, Whistleblower laws are that strong, the false claims could often be masked as a "flaw" and a bug rather than by design, and hence not sure how it plays out, but I think from the looks of it, if it is an ex-employee, that person is at a riskier position.
I filled in a support request with browser stack.
Seems very odd, angry ex member of staff maybe??