Digital Ocean: Ban on Mailchimp after hack & data leaks

Digital Ocean he revealed that some of its customers' email addresses were exposed to attackers, following an attack on email marketing service Mailchimp.

This story begins last week when some users noticed that email marketing service Mailchimp had suspended service for some of its customers. The reason cited by the company was privacy policy violations.
But last Friday, the company said an attack on its services was the cause of the problems.


"Across the technology industry, malicious users are developing sophisticated phishing and social engineering tactics that target data and information," a Mailchimp spokesperson said on August 12.

"In response to a recent attack targeting Mailchimp users, we have taken the precautionary step of temporarily suspending access to accounts where we detected suspicious activity while we further investigate the incident."

Digital Ocean revealed on Monday that on August 8 its engineering team noticed that Mailchimp had stopped providing emails such as confirmations, password resets, and email notifications.

The reason for this suspension was that Mailchimp had suspended Digital Ocean's account, without any warning or explanation.
Around the same time, Digital Ocean's security team "was notified by a customer that their password had been changed, without their approval."

Digital Ocean naturally asked Mailchimp for an explanation.

According to Digital Ocean, it took two days for Mailchimp to respond through its lawyers because it admitted to “unauthorized access to company accounts” stating that an attacker had compromised an internal Mailchimp tool.”

Digital Ocean said it will learn from the experience by more widely implementing two-factor authentication and improving security for SaaS and PaaS providers.

Mailchimp's explanation for the incident on the other hand is not sufficient. He is only reporting on the ongoing research he is currently doing. But it doesn't tell the whole of its security history: and in April 2022, fraudsters stole email lists of its customers. The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Mailchimp, Digital Ocean, iguru

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).