On February 15th, 2019 at approximately 7:00 AM (MST), our account with a third-party emailing service was compromised from a location in France, and an attempt was made to send out malicious emails. Approximately 8% of the emails were sent before the activity was caught and shut off. The email was sent using an alias of one of our team members as the 'From' address.
This email claims that "your VISA" has an outstanding invoice (#1368727) of $115 and then prompts you to download a malicious file to pay it. Do NOT click on this file. If you believe you may be infected, we encourage you to scan your machine using a tool like Malwarebytes.
While we did prevent further emails from being sent from our account, a list of the emails appears to have been downloaded, and at least one other malicious email has been sent. This latest email was sent from an email address outside of our organization, but the first and last name of a Rain Retail team member have been stolen and used.
Security is of the utmost importance, and we are taking this breach very seriously. In response, we have implemented the following new security measures, effective immediately:
- The account in question has been reset and a security measure known as 2-Factor Authentication, in which a user is granted access only after successfully presenting two or more pieces of evidence, has been added.
- The account in question has had a new API key created and implemented.
- Access to the account in question now alerts key individuals at all times to prevent further unwanted logins.
- Accounts with other potentially sensitive information are being reset and additional security measures are being reviewed for each.
- All computers in our organization have undergone multiple security sweeps and, as an added preventative measure, computers are actively being wiped and reset.
We sincerely apologize and, as of this moment, we strongly believe that no other information has been compromised. If you have any additional questions or concerns, our Customer Service team is happy to address them. You can reach them via email at firstname.lastname@example.org or over the phone at 877-909-6699 ext 2.
UPDATED: February 22nd, 2019 - An account of one of our clients was accessed and another email was sent directly from them. We have been working with this store directly to address and resolve the issue.