Product reviews, deals and the latest tech news

Mailchimp experiences a second significant data breach after an employee hack

MailChimp, a prominent email marketing service, was the victim of a data breach when hackers gained access to employee login credentials.

In an email to affected customers, the firm confirmed the news and explained that the social engineering attack was successful in tricking employees and contractors into giving the attackers access to internal customer support and account administration tools.

As soon as MailChimp noticed the unusual behaviour on January 11, it locked down the compromised accounts.

One hundred plus dead

To “temporarily suspend account access for Mailchimp accounts where we detected suspicious activity to protect our users’ data,” the company said in the announcement after discovering evidence of an unauthorised actor. As of January 12th, less than 24 hours after the initial discovery, we had notified the primary contacts for all affected accounts.

WooCommerce eCommerce, a popular WordPress plugin, was found to have had 133 customers who were compromised after further investigation.

While names, store URLs, addresses, and email addresses were likely accessed, WooCommerce assured its customers that financial information, passwords, and other sensitive data were not. Furthermore, the company claims it has seen no evidence that the hackers are actually using the stolen data. Phishing, business email compromise, and other forms of identity theft still frequently make use of this information.

Unfortunately, this is not the first time MailChimp has made news for the wrong reasons. There was a data breach announced by the company in April 2022, and the hackers managed to steal over a hundred mailing lists. Later, the mailing lists were used in phishing attacks designed to steal victims’ cryptocurrency and financial information.

Using the compromised credentials, the hackers were able to access 319 customer accounts on MailChimp and export “audience data,” which included mailing lists from 102 accounts.

They also gained access to API keys for an unspecified number of former users. Without accessing the MailChimp user interface, the attackers can now use the keys to generate and send out personalised email campaigns to mailing lists.

Trezor, a maker of cryptocurrency wallet hardware, was a victim of a phishing attack that aimed to steal users’ credentials.