MailChimp breach exposes hundreds of customer accounts
Compromised accounts later used to launch phishing attacks against crypto holders
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
One of the biggestmarketingautomation platforms andemail marketingservices, MailChimp, was breached over the weekend, with attackers getting away with more than a hundred mailing lists.
The mailing lists were later used to target people with phishing attacks, in an attempt to steal their money and cryptocurrency holdings.
As reported byBleepingComputer, MailChimp announced the breach on Sunday. Apparently, a number of employees fell for a social engineering attack, and had theircredentials stolen.
We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time. Thank you for taking part.
Click here to start the survey in a new window«
Targeting Trezor users
The stolen accounts were quickly terminated, and MailChimp took additional steps to prevent other employees from being affected, the company said. But the damage had already been done.
With the stolen credentials, the attackers accessed 319 MailChimp accounts and exported “audience data”, including mailing lists from 102 customer accounts.
They also accessed API keys (now defunct) from an unknown number of customers. With the keys, the attackers can create custom email campaigns and send them to mailing lists without accessing the MailChimp customer portal.
One of the companies whose customers were targeted with a phishing attack was hardware crypto wallet company Trezor. Soon after the breach, Trezor customers started getting an email that stated that the company had suffered a data breach, and invited users to download a program to help them reset the PINs on their hardware wallets.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The program disguised amalwarestrain that allowed attackers to steal the contents of the wallet.
What is phishing and how dangerous is it?>Hackers have found a clever new way to steal your Microsoft 365 credentials>Google update looks to help you spot Workspace phishing scams
Siobhan Smyth, Mailchimp’s CISO, toldBleepingComputerthat the company notified all of the compromised account holders, which included those in the cryptocurrency and finance sectors.
She reiterated the importance of having multi-factor authentication as an added layer of protection against attacks.
“We sincerely apologize to our users for this incident and realize that it brings inconvenience and raises questions for our users and their customers. We take pride in our security culture, infrastructure, and the trust our customers place in us to safeguard their data. We’re confident in the security measures and robust processes we have in place toprotect our users’ dataand prevent future incidents,” Smyth said.
ViaBleepingComputer
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
Windows PCs targeted by new malware hitting a vulnerable driver
Dangerous Android banking malware looks to trick victims with fake money transfers
Apple iMac 24-inch M4 (2024) review: the best, and most colorful, all-in-one computer levels up
