An API key leak in this case would allow threat actors to read conversations, fetch customer information, expose email lists of multiple campaigns containing PII, start fake email campaigns and ...