Digital Ocean dumps Mailchimp after attack leaked customer email addresses
2022-08-16 05:31

Junior cloud Digital Ocean has revealed that some of its clients' email addresses were exposed to attackers, thanks to an attack on email marketing service Mailchimp.

Digital Ocean on Monday revealed that on August 8th its engineering team noticed that Mailchimp had stopped delivering emails such as confirmations, password resets, email-based alerts for product health, and "dozens of other transactional emails".

The reason for that outage was that Mailchimp had suspended Digital Ocean's account, without any warning or explanation.

Digital Ocean assumed that the email outage and unauthorised password reset were connected, and on August 8th asked Mailchimp for an explanation.

In Digital Ocean's telling of the tale, it took two days before Mailchimp started talking - and involved its lawyers because the email company admitted to "unauthorized access to our and other accounts by what we understand to be an attacker who had compromised Mailchimp internal tooling."

While Mailchimp was figuring that out, Digital Ocean "decided to immediately migrate critical services away from Mailchimp to another email service provider." The cloud provider was up and running with another email provider by 11pm ET August 9th. Digital Ocean has vowed to learn from the experience by implementing two-factor authentication more widely, and improving "threat models and security visibility" for its SaaS and PaaS providers so it can better understand how third parties can impact its reliability regimes.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/08/16/digital_ocean_dumps_mailchimp/