
We use Sendgrid and have hundreds of thousands of customers that might be phished by this social engineering trick. It's absolutely unacceptable that such a crucial piece of infrastructure is vulnerable to such a simple trick.

I'm going to bring this up with our team and see if there's another vendor that can more reliably protect our customers.



Your logic is a bit weird.

Sendgrid just experienced this major embarrassment and are currently re-training their staff to avoid it again at all costs.

And you're going to move away from them now?


I'll talk it over with my group. Retraining doesn't guarantee anything. It could be that this problem is endemic to the company itself.

For example, why should 1st-level support have the ability to make major changes like this? It sounds like only 2nd-level support, a smaller group of more highly trained support staff, should have the ability to do this. Does SendGrid have enough money/resources to split their team into 1st- and 2nd-level support? Would a larger company have that type of resources, which would better protect my customers?

These are questions I will talk over with my team.


The fact that SendGrid even has to do re-training in the first place is the problem. They only need to do a handful of things well, and keeping their users' accounts secure is arguably the most important. If they are having issues like this this far along in their lifespan, it's a sign of more systemic issues in their company and does not instil much confidence in potential/current customers. Wanting to switch vendors doesn't seem weird at all to me.


I think you're being lenient with SendGrid because it was a close call and not a full-blown catastrophe. First of all, SendGrid lied about its support staff's permissions. After the incident, SendGrid then sent an "oops! our bad!" e-mail where the employee in question will apparently be gently tapped on the wrist and maybe sent a passive-aggressive reprimand.

I mean, keep in mind that this is the same company that publicly crucified a female employee in order to stop a DDoS attack. Clearly there are some priorities out of whack there, and given the insecure nature of e-mail in the first place, I would never want to deal with a company that is so clearly unprofessional.



