Email service provider Sendgrid did not have multifactor authentication in place to protect its customer accounts. The company’s parent company, Twilio, tells security blogger Brian Krebs that the company is in the process of requiring authentication. The hacked accounts are being used in phishing and email-based malware attacks, Krebs reports. The hack is a reminder of the importance of identity management for all businesses, a security expert says. A company spokesperson could not be immediately reached for additional comment.”]
Source: https://www.cuinfosecurity.com/lack-mfa-may-have-enabled-sendgrid-account-compromise-a-14916