Internet Security Blog - Hackology SOLD our Email or it was a BREACH ? is my go-to site for quick IP details and I have been using it since they launched for their simplicity and accuracy but this blog post shows how our personal data was misused.

If you ever made an account on you might have noticed an email invitation from ([email protected]) with a title right-out-of-marketing-books “ invitation expires in 3 days” (Invitation still works after 2 weeks).

Nick Sherron invitation of invitation landed on 2nd May, I knew right off I had to write about this on my blog because has used my email address which is associated with “” without my permission. is a decentralized data exchange protocol that lets people connect their profiles, reputations and experiences across the web with privacy and security. invitation using ipinfo email invitation using email

How I know used Email

Since Gmail introduced the “Email Tag” ( feature I extensively use that for every website I signup. was no exception, so I signed up using my email with a dedicated tag for IPinfo ( . This is my way of monitoring which service misuses our data while sharing our information with other services.

The invitation email I got from had the ipinfo tag, selling our emails or just giving it away I wonder ?

IPInfo Account Email used by to send out invitation emails

Nick Sherron – Who are You / How you got my IPinfo Email ?

On the first glance I thought its a standard spam invitation, but as I always use a different tag for every online service I signup it gets easy for me to pin point the source of spam. In this case I did point out the source which happened to be ipinfo, but I had to double check if I knew any “Nick Sherron” and he kind of “actually” invited me using the tag “ipinfo” , less chances but its always good to verify eh.

Nick Sherron – VP Sales at IPINFO sent invitation emails

It didn’t take me long to find out that Nick Sherron is VP of Sales at and I was not connected to him in anyway (i “might” accept his invitation after posting this). That is another coincidence ?

  • tag was used in invitation email
  • invitation was sent by Nick who is VP of Sales at

This makes me wonder, was this done with consent of the complete team or anyone can go about and download email addresses of website users ?. When that can be done what is stopping them to download every other detail associated with us ? and Nick Sherron

Why would someone working for a reputable online service go through the trouble of scrapping our email address from and send out invites ?

Initial thought was that Nick is connected with but after going through team I couldn’t find any link between the both.

FUN BOTH : Dock.IO founder name is also “Nick” , “NICK Macario” – and that’s a coincidence in reality.

To find out what made Nick Sherron to misuse user data I went on to register with , as I expected : they offer an invite friend and earn cryptocurrency on their platform. referral invite system currently at 11.25 Docks

So Mr Nick Sherron took out all the users of ipinfo and sent them an email just to earn some dock crypto.

I would request Dock.IO to look into this matter ( Nick Sherron username on is “nicksherron” ) and to let us know how our email addresses were used by VP of Sales.

What has to Say

After publishing this blog post, I tweeted the same to ipinfo, dock and Nick. I thought it would be better that we also see their part of the story.

First reply came from @ipinfoio where they cleared that No Breach or Leak happened nor they Sold User Data. 

They explained it further that somehow “some” emails of IPinfo users got synced with “Nick” account within the CMS of IPinfo.

Further Nick replied and stated that he has “Deleted” the emails and it was stupid on his part.

I appreciate IPinfo being open and stating what happened, but it makes me wonder:

  • How Nick could “download” “some” emails and then import those into his email contact list
  • A bulk emailer was used to send out the invitation of , which means a “deliberate import of emails” was done to send out invites
  • Nick states that they do not use that CRM anymore. Was this email export the reason of that ? or its something we are missing?
  • I would appreciate over period of time a detailed explanation by IPinfo, to put everything to rest and make things clear

Get Wise

Subscribe to my newsletter to get latest InfoSec / Hacking News (1 Email/week)
Utopia p2p Ecosystem

Discover more from Internet Security Blog - Hackology

Subscribe now to keep reading and get access to the full archive.

Continue reading