Hello everyone,
We are avid Klaviyo users; however, something really strange happened within our account this week and I'd like to understand whether we were alone in this or other people experienced similar.
On Monday night one of our admin accounts was used to upload a new list with 10,001 profiles within it, a new domain was added to our account and a campaign was run sending phishing emails out to the uploaded list. The admin account had 2FA in place and no alerts were received requesting a login.
None of our own profiles were sent to but the phishing campaign was sent using our domain rather than the one that they added. The added domain was removed; however, we don’t know by whom or when.
We were told by a support agent that we weren't the only client experiencing this issue and that it was widespread. Whilst this wasn't good, it at least explained that it wasn't our account but a wider issue.
Compliance got involved, responses were slow, they then locked our account and stated that there were no other reports and it was solely our account that had been breached. We had to evidence various things to get the account back live but to date we have had no explanation of what happened other than a one-liner saying it was our account. As I said earlier, this makes no sense as 2FA was in place. The device that is used for the 2FA received zero requests for logging in when the issue took place.
So, has anyone else experienced this or heard of anything like it?
Needless to say, this campaign resulted in negative business reviews stating that we are spammers. It's hugely frustrating as we work tirelessly on first-class customer service and can see no evidence that the account was breached.
Many thanks in advance
Danny