The Mailchimp hack
The recent Mailchimp data breach has impacted multiple organizations, some of them are already notifying their customers.
The popular email marketing and newsletter platform Mailchimp recently disclosed a news data breach, the incident exposed the data of 133 customers.
Threat actors targeted the company’s employees and contractors to gain access to an internal support and account admin tool.
New detection of unauthorized user
“On January 11, the Mailchimp Security team identified an unauthorized actor accessing one of our tools used by Mailchimp customer-facing teams for customer support and account administration. The unauthorized actor conducted a social engineering attack on Mailchimp employees and contractors, and obtained access to select Mailchimp accounts using employee credentials compromised in that attack.” reads the notice published by the company. “Based on our investigation to date, this targeted incident has been limited to 133 Mailchimp accounts.”
The company added that there is no evidence that this security breach affected Intuit systems or other customer data beyond the reported 133 accounts.
Suspended access for accounts
The malicious activity was discovered on January 11, 2023, in response to the intrusion the company temporarily suspended access for impacted accounts. The company also notified the primary contacts for all affected accounts less than 24 hours after the initial discovery.
The list of the impacted companies includes WooCommerce, FanDuel, and the Solana Foundation.
TechCrunch first reported that one of the compromised accounts belongs to e-commerce giant WooCommerce.
“In a note to customers, WooCommerce said it was notified by Mailchimp a day later that the breach may have exposed the names, store web addresses and email addresses of its customers, though it said no customer passwords or other sensitive data was taken.” reads the post published by TechCrunch. “WooCommerce, which builds and maintains popular open source e-commerce tools for small businesses, relies on Mailchimp for sending emails to its customers. WooCommerce is said to have more than five million customers.”
WooCommerce sent a notice related to MailChimp data breach to its users via email.
#Woocommerce Users receive this from a noreply email address as an information of a data #breach at #Mailchimp. #privacy #malware #dataprotection #itsecurity pic.twitter.com/O9AmA2cyBu— Armin (@Arm_i_n) January 18, 2023The company informed customers that some of their data may have been exposed, including name, URL, address, and email address. WooCommerce pointed out that payment data, passwords or other sensitive information was not exposed.
MailChimp data breach also impacted the Solana Foundation, the nonprofit organization behind the Solana blockchain. The organization told its customers that the security breach may have exposed their info, including names, email addresses and Telegram usernames.
BREAKING: The Solana foundation email database at MailChimp was hacked. Beware of ALL emails for Solana projects.Double check all links. Don’t enter seed phrases to access your wallets through a website. Don’t connect your wallet to any links from emails. pic.twitter.com/7LlNMydlht— Jacob Canfield (@JacobCanfield) January 16, 2023Another company impacted by the data breach is the online gambling service FanDuel who warned its customers of phishing threat after data breach at Mailchimp. The company told its customers that their name and email address may have been compromised due to a security breach suffered a third-party technology vendor.
Both data breach notices send by Solana and FanDuel do not explicitly name Mailchimp.
Source Graham Cluley
The post Companies impacted by Mailchimp data breach warn their customers appeared first on Security Affairs.