Mailchimp hacked … again

Mailchimp, an email marketing and newsletter company, has announced that it has been hacked and that dozens of customer data has been released online.

It is the second time the company has been hacked in the last six months. Worse, this time the breach appears to be almost identical to the previous incident.Mailchimp

Mailchimp reported to a post on her blog that its security team detected an attacker on January 11 who accessed one of the internal tools used by the company's customer support and account management. The company did not say how long the intruder had been on its systems.

Mailchimp said the hacker targeted its employees with a social engineering attack via phone, email and SMS to obtain private information such as passwords. The hacker then used employee passwords to access Mailchimp data.

One of these hacked accounts belongs to e-commerce giant WooCommerce. In a note to its customers, WooCommerce said it was notified by Mailchimp a day later and that the breach may have exposed its customers' names, store web addresses and email addresses.

Last August, Mailchimp again announced that it was the victim of a social engineering attack that targeted the credentials of its customer support staff, giving the attacker access to internal Mailchimp tools. In this breach, data was leaked for around 214 major hacked Mailchimp accounts, mostly cryptocurrency accounts but also DigitalOcean confirmed that its account was breached and strongly criticized Mailchimp's handling of the breach.

Mailchimp said at the time that it had implemented "additional enhanced security measures," but did not say what they were.

iGuRu.gr The Best Technology Site in Greecegns

every publication, directly to your inbox

Join the 2.110 registrants.
Mailchimp, mailchimp what is it

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).