Ken O'Driscoll via mailop wrote:
On Sat, 2018-01-20 at 11:14 +1100, Michelle Sullivan wrote:
One can only conclude, they either have a leak in their API, or they
altered the permissions to give out emails when specifically denied, or
they got hacked and didn't disclose it.
They had bug for over a year between ~2012-2013 where contact details
(including email) were unintentionally exposed.
So, you could have been part of that.
In any event, I'd let their security team know what happened.
You could also check (if you haven't already) haveibeenpwned.com to see if
the address pops up in any breach.
Yeah I don't do that in case the lookups are compromised... :)
mailop mailing list