Hacker News new | past | comments | ask | show | jobs | submit login

The mail was sent from Amazon SES. To be able to send email from your domain they had to verify it. TXT _amazonses.browserstack.com doesn't show any record for verification. How could the hacker that had solely access to a list of email addresses verify your domain?



Does anybody have the e-mail that was sent raw headers? Perhaps they sent the e-mails from code that calls out to Amazon SES?


We will be sharing an entire post-mortem in the next few days. Currently, all our efforts are focused on getting the service up and running and to ensure our users’ interests are taken care of.


> and to ensure our users’ interests are taken care of.

Every time I see that line I know that 'users interests are not currently taken care of'. If it were you'd be taking the GP a bit more serious, he's supposedly one of those users you're trying to take care of. If all you're going to do here is to say 'nothing to see here folks and we're on top of it' then you might as well say nothing.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: