Closed sgielen closed 1 year ago
@sgielen , we store the emails downloading license in a self-hosted listmonk.app instance. Our listmonk instance was accessed and vandalized in unauthorized manner few months ago. We changed our listmonk password and rotated email credentials as soon we found out. My guess is that your unique email was stolen at that time and used to send spam.
Is there anything more we can do here to help you?
Thank you for the quick and honest reply & explanation @tamalsaha. Such things can happen, I'm glad to hear it was an unfortunate incident that you already knew about and had rotated credentials for. That raises confidence. Closing this issue then.
Dear AppsCode,
I always give every company I work with a different e-mail address. Then, when I receive anything other than the intended information on that e-mail address, I know who leaked it.
It disappoints me to say that I have received spam from hola@reservandonos.com, for https://slidetours.com/, which seems to be a phishing website, on an e-mail address I 100% absolutely sure only ever gave to AppsCode.
In case this was accidental or the cause of an incident, this notification allows you to take a look at how this happened and fix any data leaks. If it was intentional, this also serves as a warning to other users that AppsCode may not be a reliable company.
For your information, the e-mail is included below, with some parts redacted.