Funimation selling email lists?
-
Today, I received a spam email through a major email company (sendgrid.com) to an email address that only Funimation had... it was the (unique) address I used to obtain my Funimation membership.
Has anyone else had a mysterious message from sendgrid (the message itself has multiple domains claimed in it) that came to your Funimation email address?
Disclaimer: I'm trying to make a case that someone has either bought or stolen email addresses from Sony/Funimation. It isn't the first time they've had data stolen.
-
I'm not on the Funimation mailing list so can't be of assistance. Have you tried contacting Funimation about it? You could also check your email on https://haveibeenpwned.com/
-
I went to Funimation's site, but didn't see anywhere to report THAT sort of problem.
HOWEVER, the site you linked to came up with this:
Funimation: In July 2016, the anime site Funimation suffered a data breach that impacted 2.5 million accounts. The data contained usernames, email addresses, dates of birth and salted SHA1 hashes of passwords.
Compromised data: Dates of birth, Email addresses, Passwords, Usernames
So, they stole the fake information I gave Funimation back then. They think I'm over 100 years old.
-
All kinds of information about you gets sold online all the time, but I think that it's pretty common for companies to agree to not give your e-mail address away or to sell it to third parties. So, if your e-mail address starts getting spam, it's usually either because a company you gave it to got breached at some point, or you use that e-mail address with normal people instead of just companies, and someone you communicate with had their address book swiped by malware.
-
@Kalessin That's why it's nice to own your own email server... I have the ability to assign a unique email address from any of a dozen domains to each and every contact. If I get spam to any address, I know exactly who got compromised.
-
@SomeOldGuy I have my own domain (though not my own e-mail server; I just use runbox.com) for that very reason. Normally, every site I use has its own e-mail address / alias, so when one gets compromised, I know who was compromised, and it's easy enough to switch and send the spam into a black hole.
-
@SomeOldGuy Yes, that happened... I believe they sent an email about it shortly after it happened with warnings about changing passwords.
That said, I haven't received any spam/phishing/social engineering emails sent to my Funimation alias. I'm actually kind of surprised it's still in use since I know it's been compromised, however, since it hasn't received emails to that address I haven't yet encountered a reason to switch out the alias. I do know that there's at least one botnet is trying to login to my email server and it makes some attempts using that alias.
