On 2026-07-03 at 06:03 +0200, Marco Moock wrote: > Am 02.07.26 um 12:24 schrieb Benoit Panizzon: > > Data from that breach starts increasingly being used by Twilio Sendgrid > > customers for advertising. > > A rather normal situation. Twilio Sendgrid is a company that does not > care about it or intentionally operates their service for such > "customers". I contacted the abuse department various times - never got > a response about the case, but some blabla nonsense in some cases.
Well, even though Free had its responsibility by not implementing appropriate security controls (and was thus fined 42 millions — which still seems cheap for losing data of 42 millions of customers), whoever stole them is the main culprit, and there _should_ be a police case for that. If it can be demonstrated beyond doubt that the data indeed comes from that breach, that should be investigated. Oh, I know: All parties will have "legally acquired the data from someone else". And it will come to a halt from mixed jurisdictions rather sooner than later. Were companies held responsible for the of their sourced databases, they would be much more cautious. I'm not saying it's SendGrid's fault if they have customers using illegally obtained lìsts, but if they got certain subsidiary responsability for what they did for their bad-apples-customers-gone- missing, they would more carefully vet their customers beforehand to ensure they can really be held accountable for the million emails they are about to blast. On 2026-07-03 at 18:50 -0500, Jarland Donnell wrote: > There was a period for a bit there where I think several people > internally did legitimately care. The problem is, none of us are > brave > enough to block Sendgrid completely, thus creating no financial > justification for a competent and equipped abuse team. It's tough in > that kind of environment, telling your bosses that you need more > resources to handle a problem that isn't costing the business > anything. And thus, that would align the financial incentives, since a well- greased abuse team would reduce the number of fines supported by the company. _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
