Mailchimp suffers another major data breach following employee hack

>

Leading email marketing company MailChimp has suffered a data breach after hackers managed to steal login credentials from its employees.

The company confirmed the news in a notification sent to affected customers, noting that threat actors had launched a successful social engineering attack on its employees and contractors, giving them access to internal customer support and account management tools.

MailChimp said it noticed the suspicious activity on Jan. 11 and quickly suspended access to affected accounts.

More than a hundred victims

“After finding evidence of an unauthorized actor, we temporarily suspended account access for Mailchimp accounts where we detected suspicious activity to protect our users’ data,” the company said in the announcement. “We notified primary contacts for all affected accounts on Jan. 12, less than 24 hours after the initial discovery.”

Further investigation revealed that a total of 133 customers were affected by the breach, including a popular WordPress plugin, WooCommerce eCommerce.

WooCommerce sent out a warning to its users, saying that while names, store URLs, addresses, and email addresses were likely to be accessed, payment details, passwords, or other sensitive data were not. The company also said there is currently no evidence that the attackers are using the information obtained. Yet this kind of data is rarely used because it is a powerful weapon in phishing attacks, business email compromise attacks, and other identity theft. (opens in new tab) to attack.

This isn’t the first time MailChimp has made headlines for all the wrong reasons. In April 2022, the company announced a data breach in which attackers got away with over a hundred mailing lists. The mailing lists were later used to target people with phishing attacks, trying to steal their money and cryptocurrency holdings.

With the stolen credentials, the attackers gained access to 319 MailChimp accounts and exported “audience data,” including mailing lists from 102 customer accounts.

They also had access to API keys (now defunct) from an unknown number of customers. The keys allow the attackers to create custom email campaigns and send them to mailing lists without accessing MailChimp’s customer portal.

One of the companies whose customers were targeted in a phishing attack was Trezor, a hardware crypto wallet company.

Through: Beeping computer (opens in new tab)

Related Post