Our investigation has concluded. The root cause was identified as a free trial tenant abusing a test email endpoint.
The offending tenant has been disabled and we are deploying additional controls to prevent this type of misuse in the future. No customer data was compromised and the impact was limited to the unauthorized emails sent from this single vector.
We apologize for the inconvenience and appreciate your patience.
Posted May 12, 2026 - 15:20 PDT
Monitoring
A fix has been implemented and we are monitoring the results.
Posted May 12, 2026 - 11:08 PDT
Investigating
We recently identified a security issue involving an unauthorized email sent from our domain. We are aware of this matter and are treating it with the highest priority. Our investigation is ongoing, and at this time we believe the scope of this incident was limited to a single vector, which has since been disabled. We have no indication of broader impact. We will provide an update as our investigation progresses. In the meantime, if you received any suspicious emails purporting to be from us, please disregard them and do not take any action based on their contents. If you have any questions or concerns, please don't hesitate to reach out.