12/01/2025, 12:15am EST

Since about 12:15 AM Eastern US Time on Monday, December 1, some Quickbase US customers who use free e-mail services from providers including Apple (e.g., icloud.com, me.com), Microsoft (e.g., outlook.com, live.com, hotmail.com, msn.com), and Yahoo (yahoo.com) are not receiving e-mail generated by the Quickbase US platform, or that e-mail is being delayed.  This is because the e-mail servers used by the Quickbase US platform have been designated by Apple, Microsoft, and Yahoo as a source of spam for users of their free e-mail services.

The majority of Quickbase US customers do not use these free e-mail services and hence are not impacted by this issue.

We apologize for the negative impact this issue is having on some customers and doing everything we can to resolve it.

The spam designation occurred as a result of a bad actor compromising the platform user login of one Quickbase customer and then using the compromised user account to generate multiple variations of a malicious e-mail that was sent from the Quickbase US platform thousands of times.  As with all e-mail from the Quickbase platform, the sender address was notify@quickbase.com.

The vast majority of the e-mails appear to have been sent to e-mail addresses that the bad actor likely harvested from other sources and are not the e-mail addresses of Quickbase customers.  However, Quickbase customers who do use the free e-mail services are being impacted as a result of the e-mail providers seeing all the spam e-mail coming from the Quickbase US platform to their various e-mail services and those providers blocking or delaying all e-mail from Quickbase, not just the spam e-mails.

We have worked with the compromised customer to secure their account, and no malicious e-mails have been sent since 9:00 PM Eastern US Time on Monday, December 1.  Nonetheless, the impact continues due to how major providers of free e-mail services manage spam.

The variations of the malicious e-mail had one of the following 5 subject lines:

• "DisneyPinnacle: Your Exclusive NFT Mint Is Ready"
• "Your Disney Pinnacle × Quickbase Mint Is Ready!"
• "ThailandPost : Tracking Number 47****03TH Reported Date# 30.11.2025"
• "ThailandPost : 47****03TH"
• "ThailandPost : Tracking Number 47****03TH"

We've found that the e-mail providers have blocked more than just e-mails coming from notify@quickbase.com.  They are also blocking or delaying e-mail from the following Quickbase e-mail addresses:

• corpsales@quickbase.com 
• support@quickbase.com
• university@quickbase.com
• builderprogram@quickbase.com

We are actively working with our e-mail delivery vendor to get Apple, Microsoft, and Yahoo to remove the blocks on our e-mail.  We hope that will occur on Wednesday but we have no ability to hasten the process they follow for evaluating e-mail servers they believe are sources of spam.

We are taking steps to more quickly detect and stop any future attempts to send malicious e-mails via the Quickbase platform.  Although the bad actor in this case used a sophisticated approach to circumvent our existing controls, we've already identified ways to better defend ourselves, some of which have already been implemented and others we intend to implement in the days ahead.

We will update this post as we get more information on our requests to these free e-mail providers, or as we see the successful deliverability of Quickbase US platform e-mail change.

12/03/2025, 11:00am EST

As of 4:00 AM Eastern US Time, Microsoft is no longer blocking e-mail from Quickbase.  We are continuing to work with our e-mail delivery vendor to get Apple and Yahoo to remove the blocks on our e-mail.

12/05/2025, 03:00pm EST

As of 12:50 PM Eastern US Time, Apple is no longer blocking e-mail from Quickbase.  We are continuing to work with our e-mail delivery vendor to get Yahoo to remove the blocks on our e-mail.

12/10/2025, 09:40pm EST

As of 9:40 PM Eastern US time, Yahoo is no longer blocking or rate limiting e-mail from Quickbase.