MailChimp, an email marketing company, was the victim of another security breach. Hackers gained access to internal account management tools and customer support systems. This allowed the attackers to gain the information of 133 customers.
MailChimp claims that the attackers obtained access to employees’ credentials by conducting a social-engineering attack against Mailchimp contractors and employees.
MailChimp discovered the attacker on January 11, after which they were able to detect it in their support tool.
“After we discovered evidence of an unauthorized actor, we temporarily blocked access to Mailchimp accounts that we suspected were involved in suspicious activity. This was done to safeguard our users’ personal data,” .
“We notified all primary contacts of affected accounts on January 12th, less than 24 hours following initial discovery.”
first reported that WooCommerce, a popular eCommerce plugin for WordPress, was one of those affected.
WooCommerce emailed its customers to warn them about the MailChimp breach. This included their store URLs and addresses.
Customers receive this via a noreply address as information about a data @ . #privacy #malware #dataprotection #itsecurity pic.twitter.com/O9AmA2cyBu
WooCommerce claims that no evidence has been found that stolen data was misused. However, this data is often used by threat actors for targeted phishing attacks that steal credentials and install malware.
Trezor wallet owners started receiving in April 2022. This prompting them to install a fake Trezor suite software which would steal their recovery seed.
Trezor , that this phishing campaign used a Trezor mail list which was stolen from MailChimp.
MailChimp later . Employees were able to fall for a social engineering attack which allowed threat actors access to 319 MailChimp accounts, and exported data from 102 customers.
Although the marketing company acknowledged that these data were being used for phishing email attacks, they declined to provide more details.
MailChimp suffered another breach in August 2022 when , which was dubbed “0ktapus”.
MailChimp told BleepingComputer at the time that the , focusing on cryptocurrency-related customers.
Cointelegraph and Edge Wallet were among the customers affected by August’s breach.