Walmart 'Shocked' After 'External Bad Actor' Sends Out Email With N-Word From Its Account

By Cammy Pedroja On 5/24/21 at 9:26 PM EDT

Several Twitter users reported receiving emails containing the N-word from the official help@walmart.com address on Monday. The multi-billion-dollar corporation said in a statement that "an external bad actor" was responsible for the emails.

An auto-generated "Welcome to Walmart" message is usually sent to new customers when they sign up online and contains no offensive content. However, Monday morning, Twitter users who were not new Walmart customers began posting screenshots of offensive emails they had received unsolicited, containing the phrase, "Welcome to Walmart, [N-word]!" Where a new customer's name would usually appear, a racist slur appeared instead.

People began reacting right away.

"What's the best way to contact you guys for a very inappropriate email my daughter received in their inbox from you?" user @GDolceMiami tweeted. User @53Clare added, "@Walmart i received a very disturbing email from you this am. Please dm me so@i can share said email."

Walmart spokesperson Molly Blakeman said in a statement that "an external bad actor" created fake user accounts "with obvious intent to offend our customers."

"We were shocked and appalled to see these offensive and unacceptable emails. We're looking into our sign up process to ensure something like this doesn't happen again," Blakeman said.

The spokesperson did not disclose how many people received the offensive email in question, but she did add that Walmart is "looking to hold those responsible accountable."

Several Twitter users reported receiving emails containing the n-word from the official help@walmart.com address on Monday. The multi-billion-dollar corporation said in a statement that "an external bad actor" was responsible for the emails. This image shows the entrance to a Walmart store in Mountain View, California on Jan 9, 2020. Sundry Photography/Getty

"The actors likely acquired email addresses from an easily and freely available 'dump' from a historical third-party compromise," Vikram Thakur, technical director at security software firm Symantec, told CNN Monday.

The prankster likely collected a series of emails, entered them into the Walmart system as "new customers" but put in the first name as [n-word] for each email entry. There is no evidence that Walmart's internal systems were compromised or that any customer data is at risk.

This kind of prank is usually referred to as a "spoofing" attack. Sometimes these attacks can be damaging to a company's public image when some recipients believe the emails are authentic. Other times, the attacks can be more malicious and attempt to gain personal information or financial details from victims.

In a notable recent example, scammers pretending to be Elon Musk cheated victims out of more than $2 million in the cryptocurrency gold rush.

Newsweek has reached out to Walmart for comment and will update this story with any response.