Contacts Created Via Events Seems Vulnerable

contacts

#1

It seems strange that contacts can be created by passing in an email. Shouldn’t they be anonymous in events? The reason I ask, is that if someone wanted to run our Hubspot bill up (and clutter Hubspot horribly), they can spam us by hitting a URL with random email addresses like http://track.hubspot.com/v1/event/?_a=8888888&_n=00000122223333&email=junk123@fakeemails.com .


#2

@dadams Any feedback on this?