Hackers gained access to an internal customer assistance and account administration tool, and the email marketing company MailChimp had another breach that gave threat actors access to the information of 133 customers. According to MailChimp, the attackers used social engineering to trick contractors and workers of the company into giving them access to employee login information.
The hack was initially discovered on January 11th, when MailChimp discovered an unauthorized user using their support resources. According to a statement on the security incident, “After we uncovered evidence of an unauthorized actor, we temporarily banned account access for Mailchimp accounts where we observed suspicious behavior to protect our users’ data.” Less than 24 hours following the initial discovery, on January 12, we alerted the principal contacts for all impacted accounts.
MailChimp Reacts To The Compromise.
MailChimp informed BleepingComputer that no credit card or password information was compromised as a result of the incident, despite the fact that it is not a regular practice for them to disclose client information. “Our investigation into the matter is still ongoing, and part of it entails figuring out how to make our platform even more secure. We are not making public comments about our activities due to operational security concerns” MailChimp.
Customers have received emails from WooCommerce informing them that their names, store URLs, addresses, and email addresses were exposed due to the MailChimp breach. Even though threat actors frequently exploit this kind of information for targeted phishing attacks to steal credentials or install malware, WooCommerce claims that there is no evidence that the stolen data has been misused.
Owners of Trezor hardware wallets started getting phony data breach warnings in April 2022, which prompted users to download a bogus version of the Trezor Suite software that would steal their recovery seeds.
The email list utilized in this phishing campaign was a Trezor mailing list that was obtained in a MailChimp breach. Later, MailChimp acknowledged that the breach was more serious. As a result of staff falling for a social engineering trick, threat actors gained access to 319 MailChimp accounts and were able to export the data of 102 clients.
The marketing business acknowledged that this information was used in phishing emails but would not provide further details on the attacks. A second breach of MailChimp occurred in August 2022 as a result of staff members falling for the ‘0ktapus’ Okta phishing scam. The August incident impacted customers like Edge Wallet, Cointelegraph, NFT developers, Ethereum FESP, Messari, and Decrypt.
Previous Breach With Mailchimp Last Year
Mailchimp was also compromised last year, was discovered on March 26th, according to Mailchimp’s chief information security officer Siobhan Smyth, when the company discovered illegal access to a tool used by its customer care and account management teams. The stolen employee accounts were deleted by Mailchimp when it became aware of the attack. However, the hackers were still able to examine about 300 user accounts and steal audience information from 102 of them, according to Smyth.
“We are proud of our infrastructure, security culture, and our client’s faith in us to protect their data. We have strong procedures and security measures in place to safeguard our users’ information and avert further incidents. We recognize that this issue has inconvenienced and confused both our users and their consumers, and we genuinely regret to them it, Smyth added.
How Can an Email Breach Be Prevented?
Among the steps to take to stop an email security breach are:
- ID Protection & Monitoring:
You must keep an eye on your personal and public records since doing so could help you avoid falling victim to identity theft. This will assist you in keeping track of the kinds of public documents that are accessible about you online. You can use our service to keep an eye on that data.
- Monitor Your Accounts & Check for Exposure:
We advise you to confirm the accuracy of your identification profile to assist in guarding against the impacts of an email data leak. You can secure your data and respond swiftly in the case of a data breach by having control over the information that is publicly available about you online and being aware of the personal information that identity thieves can access.
- Online Security:
By giving your personal information to only accredited companies and services that can be verified and trusted, you can ensure that you are using the internet safely. This can assist in preventing identity theft. Use secure websites at all times, and make sure you are aware of their offerings. To prevent identity thieves from getting your social security number or date of birth, never give it out online.
- Implementing Two-Factor Authentication for Password Protection:
Secure your email accounts from hacks, breaches, and data dumps from compromised websites. To protect your online accounts and prevent identity theft, use strong passwords. Never reuse passwords; always use unique ones for every email account.
Mailchimp, a market leader in email marketing and newsletters, claims that it was hacked and that the data of numerous clients were exposed. In the previous six months, the organization has experienced two hacks. Even worse, this breach resembles an earlier occurrence remarkably well. The Intuit-owned business said in an unattributed blog post that on January 11, a hacker gained access to one of its internal tools used for Mailchimp account management and customer assistance.
The company did not specify how long the hacker was in its systems if it was known. According to Mailchimp, the hacker used a social engineering attack to target its employees and contractors. In this type of attack, a person manipulates another person over the phone, by email, or by text to obtain sensitive information like passwords. After informing the organization of the incident, the hacker utilized the stolen employee passwords to access information on 133 Mailchimp accounts.