2 comments

[ 3.0 ms ] story [ 16.6 ms ] thread
On one hand, JFC... on the other hand, at least they noticed, notified and rotated the keys. So many companies are like "oh, we didn't expose it to anyone, so we don't need to roll them".

They then proceed to break their arm patting themselves on their back for avoiding catastrophe.

I just received this email from Sendgrid:

Ahoy,

On June 18, 2021, Twilio SendGrid discovered that open ports on some internal hosts were temporarily exposed between June 15-18, 2021. Upon discovery, Twilio immediately began our security incident response process, secured the ports, and remediated the vulnerability that led to the exposure. We have thoroughly investigated this incident, and we are confident that the exposed data has not been accessed by any unauthorized actors.

You are receiving this email because you are a Twilio SendGrid customer and the DKIM key(s) used to sign your email were a part of the impacted system.

What do you need to know?

Data exposed include private DKIM keys. Private DKIM keys are used to digitally sign the email sent through your Twilio SendGrid account, configured through Domain Authentication. These keys provide a way for mailbox providers to confirm that the email was sent by you and not by someone trying to impersonate your domain.

What do you need to do?

While we are confident that this data has not been accessed by unauthorized third parties, in an abundance of caution, we are either proactively rotating DKIM keys on behalf of our customers where possible, or we are recommending that customers rotate their DKIM keys on their own accord.

For customers that have domain authentications that are exclusively enabled with automated security, we will rotate DKIM keys over the next 4 - 6 weeks. This requires no action from you and will not disrupt your email delivery.

For customers that have domain authentications configured with manual security, we recommend that you rotate your DKIM keys at this time.

Information about DKIM and how to determine if you have automated or manual security can be found here.

Sincerely,

Team Twilio SendGrid