New MailChimp breach exposed DigitalOcean customer email addresses
2022-08-16 16:46

DigitalOcean says it first learned of the breach after MailChimp disabled its account without warning on August 8th. DigitalOcean used this MailChimp account to send email confirmations, password reset notifications, and alerts to customers.

"We were formally notified on August 10th by Mailchimp of the unauthorized access to our and other accounts by what we understand to be an attacker who had compromised Mailchimp internal tooling," explains a security advisory from DigitalOcean.

Further investigation showed that the threat actor used the stolen customer email addresses to try to gain access to DigitalOcean accounts by triggering password resets against them.
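The password-reset attempts described above are the kind of activity a service operator can catch in its own logs: one source requesting resets for many distinct accounts in a short window is a strong signal, whether or not the attacker can read the resulting emails. The following detector is an added example for this article, not code from DigitalOcean or Mailchimp; the log format (ISO timestamp, source IP, account email, action), the sample lines and the thresholds are constructed assumptions.

```python
"""Flag bursts of password-reset requests spread across many accounts.

Added example with constructed log lines; the log format, thresholds and
sample data are assumptions, not DigitalOcean's or Mailchimp's real logs.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log: "<ISO-8601 UTC timestamp> <source IP> <email> <action>".
# 203.0.113.7 walks a list of addresses; 198.51.100.20 is one user retrying.
SAMPLE_LOG = """\
2022-08-08T13:01:02Z 203.0.113.7 alice@example.com password_reset_requested
2022-08-08T13:01:09Z 203.0.113.7 bob@example.com password_reset_requested
2022-08-08T13:01:15Z 203.0.113.7 carol@example.com password_reset_requested
2022-08-08T13:01:21Z 203.0.113.7 dave@example.com password_reset_requested
2022-08-08T13:01:27Z 203.0.113.7 erin@example.com password_reset_requested
2022-08-08T13:01:33Z 203.0.113.7 frank@example.com password_reset_requested
2022-08-08T13:05:00Z 198.51.100.20 grace@example.com password_reset_requested
2022-08-08T13:05:40Z 198.51.100.20 grace@example.com password_reset_requested
2022-08-08T13:06:10Z 198.51.100.20 grace@example.com login_success
2022-08-08T14:10:00Z 203.0.113.7 heidi@example.com password_reset_requested
"""


def parse_line(line):
    """Split one log line into (timestamp, source_ip, email, action)."""
    ts, ip, email, action = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), ip, email.lower(), action


def find_reset_bursts(log_text, window=timedelta(minutes=10), max_accounts=5):
    """Return {source_ip: set(emails)} for sources that requested resets for
    more than `max_accounts` distinct accounts inside any sliding `window`.

    Lines are assumed to be in chronological order (as a log normally is).
    Repeated requests for the same account do not count as separate accounts,
    so a single user retrying is not flagged.
    """
    recent = defaultdict(deque)  # source_ip -> deque of (timestamp, email) in window
    flagged = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, ip, email, action = parse_line(line)
        if action != "password_reset_requested":
            continue
        q = recent[ip]
        q.append((ts, email))
        # Drop entries that fell out of the sliding window.
        while q and ts - q[0][0] > window:
            q.popleft()
        distinct = {e for _, e in q}
        if len(distinct) > max_accounts:
            flagged.setdefault(ip, set()).update(distinct)
    return flagged


if __name__ == "__main__":
    for ip, accounts in find_reset_bursts(SAMPLE_LOG).items():
        print(f"{ip}: reset requests for {len(accounts)} distinct accounts: {sorted(accounts)}")
```

The window and threshold are deliberately conservative; tune them to the service's normal reset rate, and key on the same logic per ASN or per User-Agent as well, since an attacker working from a stolen mailing list will usually rotate source addresses before rotating tooling.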

"In response to a recent attack targeting Mailchimp's crypto-related users, we've taken proactive measures to temporarily suspend account access for accounts where we detected suspicious activity while we investigate the incident further," reads the short advisory from MailChimp.

In response to questions about the breach, MailChimp told BleepingComputer that it was breached through phishing and social engineering tactics that allowed the hackers to access 214 MailChimp accounts.

"We recently experienced a security incident in which unauthorized actors targeted Mailchimp's crypto-related users by employing sophisticated phishing and social engineering tactics. Based on our investigation to date, it appears that 214 Mailchimp accounts were affected by the incident." - MailChimp.


News URL

https://www.bleepingcomputer.com/news/security/new-mailchimp-breach-exposed-digitalocean-customer-email-addresses/