Funimation selling email lists?
Today, I received a spam email through a major email company (sendgrid.com) to an email address that only Funimation had... it was the (unique) address I used to obtain my Funimation membership.
Has anyone else had a mysterious message from sendgrid (the message itself has multiple domains claimed in it) that came to your Funimation email address?
Disclaimer: I'm trying to make a case that someone has either bought or stolen email addresses from Sony/Funimation. It isn't the first time they've had data stolen.
I'm not on the Funimation mailing list so can't be of assistance. Have you tried contacting Funimation about it? You could also check your email on https://haveibeenpwned.com/
I went to Funimation's site, but didn't see anywhere to report THAT sort of problem.
HOWEVER, the site you linked to came up with this:
Funimation: In July 2016, the anime site Funimation suffered a data breach that impacted 2.5 million accounts. The data contained usernames, email addresses, dates of birth and salted SHA1 hashes of passwords.
Compromised data: Dates of birth, Email addresses, Passwords, Usernames
So, they stole the fake information I gave Funimation back then. They think I'm over 100 years old.
All kinds of information about you gets sold online all the time, but I think that it's pretty common for companies to agree to not give your e-mail address away or to sell it to third parties. So, if your e-mail address starts getting spam, it's usually either because a company you gave it to got breached at some point, or you use that e-mail address with normal people instead of just companies, and someone you communicate with had their address book swiped by malware.
@Kalessin That's why it's nice to own your own email server... I have the ability to assign a unique email address from any of a dozen domains to each and every contact. If I get spam to any address, I know exactly who got compromised.
@SomeOldGuy I have my own domain (though not my own e-mail server; I just use runbox.com) for that very reason. Normally, every site I use has its own e-mail address / alias, so when one gets compromised, I know who was compromised, and it's easy enough to switch and send the spam into a black hole.
@SomeOldGuy Yes, that happened... I believe they sent an email about it shortly after it happened with warnings about changing passwords.
That said, I haven't received any spam/phishing/social engineering emails sent to my Funimation alias. I'm actually kind of surprised it's still in use since I know it's been compromised, however, since it hasn't received emails to that address I haven't yet encountered a reason to switch out the alias. I do know that there's at least one botnet is trying to login to my email server and it makes some attempts using that alias.