I know this because I use SimpleLogin to provide each service with its own specialized email address. You can see in the picture the address starts with bixi@sl.***
It’s also possible but unlikely that they sold user data.
I know this because I use SimpleLogin to provide each service with its own specialized email address. You can see in the picture the address starts with bixi@sl.***
It’s also possible but unlikely that they sold user data.
I think it’s more likely they got breached, or a third-party was breached (I see “zoho” in there). It’s easy for companies with shitty code to leak things like SendGrid tokens and web scrapers pick them up and use them for shit like the email you got.
I do the same thing for my emails, it’s wild to trace back who leaked my email addresses. Man I hate how lousy our tech security is these days, or rather, the lack of fucks given and the lack of protections for consumers. Companies would rather buy cybersecurity insurance than actually make their shit secure.
This is probably the case, I’ve updated my title.
I just checked some older eMails, and it’s not their mail provider / API token that got breached (previous messages used cyberimpact, not zoho).