MFA bypassed and account hacked on 2-25-24

AdminA1
Rookie
0 Votes
Has anyone else been hacked? On 2/25/24 we noticed some people had replied to an email we never sent. We never got any MFA code sent to us as this was happening. We only have 1 login account setup, I logged in and had to pass the MFA, which I did get when actually logging in. When I logged in I can see a new email campaign was created. It looks like 34k new people were added to the contacts as a new list, and then emailed this new email that contains links. So right now my contacts has a bunch of new people that were added 2/25/24 and they have been emailed some content with links that I assume are malicious. Has anyone else been hacked? How were they able to access my account without a MFA code being sent to me? has anyone else seen this? There is no active support at constant contact on Sundays, I can't get thru to anyone and I don't know if my account is secured.
1 REPLY 1
Caitlin_M
Administrator
0 Votes

Hello @admina1. I see you were able to connect with our Account Review team about this issue. They gave you some guidance and asked you to update your passwords. If you have any follow-up questions, please contact our Account Review team so they can securely discuss your account.  

--

Caitlin M.
Community Manager
Updates
Just Getting Started?

We’re here to help you grow. With how-to tutorials, courses, getting-started guides, videos and step-by-step instructions to start and succeed with Constant Contact.

Start Here
Upcoming Webinars
Apr 23
Community Conversations: SMS Marketing - Activate, Regulate, Communicate!
2PM - 3:00 PM EST