19 May 2020

Summary

On May 19, 2020 at approximately ~16:15 UTC our third party SMTP email provider enforced a password reset on a subset of SEDNA sub-user accounts. This reset resulted in outbound message deliveries to fail. Once our records were updated, all sent messages were successfully sent.

Why this happened

Our third party provider alerted us via email that they were enacting this forced password reset due to a suspicion that login information had been posted online. Our IP logs show no access from an unauthorized location and there is no evidence that data in our accounts were accessed by a bad actor.

As soon as we were alerted by our monitoring systems, we began resetting the sub-user accounts and updating our records. This restored email deliverability and all queued messages were delivered.

Actions and opportunities for improvement

1. We are working with our third party SMTP provider to ensure that should something like this happen again, we have improved notification such that we can reset the accounts ourselves - IN PROGRESS
2. We will be adjusting our outbound Non-Delivery Receipts to include better messaging, specifically informing you that messages will be re-tried and sent via SEDNA. - NOT STARTED

For any follow up questions please reach out to support@SEDNA.com.