Email delivery service 'Mailchimp' suffers unauthorized access by hackers, and some customer data leaks

It has been revealed that an attacker broke into 'Mailchimp', a newsletter distribution and email marketing service, and illegally accessed the data of more than 100 accounts.

Information About a Recent Security Incident | Mailchimp

Mailchimp says it was hacked — again | TechCrunch

Mailchimp announced that on January 11, 2023, its security team identified an unauthorized actor gaining access to one of the accounts of a tool used by its customer-facing team for customer support and account management. The attackers carried out social engineering attacks against Mailchimp employees and contractors, and used the credentials of the employees compromised in the attack to gain access to Mailchimp accounts.

The targeted incident involved 133 Mailchimp accounts and did not affect systems or customers of Intuit-operated services other than Mailchimp.

According to Mailchimp, its security team suspended access to accounts with suspicious activity to protect user data, and within 24 hours of the breach it notified the primary contact for all accounts it believes were impacted.

Mailchimp was also attacked in August 2022, when more than 200 accounts, including those of DigitalOcean, a major cloud company, are known to have been illegally accessed.

DigitalOcean reports that there was unauthorized access with the mail distribution tool 'MailChimp' - GIGAZINE

Chief Security Officer Siobhan Smith resigned after the August 2022 attacks.

in Web Service, Security, Posted by logc_nt