Hardcoded API Keys of Email Marketing Services Puts 54M+ Mobile App Users at Risk

CloudSEK’s  BeVigil, the world’s first security search engine for mobile apps, uncovered about  50% of the analyzed (600) apps, leaking API keys of three popular transactional and marketing email service providers; Mailgun, MailChimp, and Sendgrid. Transactional email services reduce developer time, improve deliverability and reduce support issues.

‍

Together these three email service providers command a sizable market share of the global individual and retail population.

‍