Security News > 2023 > January > MailChimp discloses new breach after employees got hacked

MailChimp discloses new breach after employees got hacked
2023-01-18 21:11

Email marketing firm MailChimp suffered another breach after hackers accessed an internal customer support and account administration tool, allowing the threat actors to access the data of 133 customers.

MailChimp says the attackers gained access to employee credentials after conducting a social engineering attack on Mailchimp employees and contractors.

WooCommerce has emailed customers warning them that the MailChimp breach exposed their names, store URLs, addresses, and email addresses.

MailChimp later confirmed that the breach was more extensive, with employees falling for a social engineering attack that allowed threat actors to access 319 MailChimp accounts and export the data from 102 customers.

In August 2022, MailChimp was again breached after employees fell for an Okta phishing attack dubbed '0ktapus.

MailChimp told BleepingComputer at the time that the threat actors accessed 214 MailChimp accounts, focusing on cryptocurrency-related customers.


News URL

https://www.bleepingcomputer.com/news/security/mailchimp-discloses-new-breach-after-employees-got-hacked/