At 6:14am on 30-Aug our registration API was maliciously utilised in a spam attack. The attack lasted until 4:51pm on 30-Aug and resulted in 305,850 emails being sent to unknown email addresses via our mail.flexitime.co.nz domain.
We have implemented measures to block this attack vector and are in the process of remediating the impact on our domain reputation.
We are currently experiencing some mail deliverability issues as a result of this attack, with Yahoo and AOL accounts in particular. We're working with Yahoo and our email service provider to try and resolve this as quickly as possible.