Security News > 2022 > August > Email marketing firm hacked to steal crypto-focused mailing lists
Email marketing firm Klaviyo suffered a data breach on August 3rd. Hackers gained access to internal systems after stealing an employee's credentials via a phishing attack.
Hacker downloaded marketing lists used by cryptocurrency-related accounts, and for Klaviyo product and marketing updates.
Email marketing firm Klaviyo disclosed a data breach after threat actors gained access to internal systems and downloaded marketing lists for cryptocurrency-related customers.
"The threat actor used the internal customer support tools to search for primarily crypto related accounts and viewed list and segment information for 44 Klaviyo accounts. For 38 of these accounts, the threat actor downloaded list or segment information," explained a security notification from Klavyio.
The hackers also downloaded two internal lists used by Klaviyo for product and marketing updates that contain names, addresses, email addresses, and phone numbers.
Klaviyo says they have notified law enforcement and engaged with a third-party cybersecurity firm to investigate a breach of their network.