Jan 19, 2023Ravie LakshmananEmail Security / Security Breach


Popular email marketing and newsletter service Mailchimp has
disclosed yet another security breach that enabled threat actors to
access an internal support and account admin tool to obtain
information about 133 customers.

“The unauthorized actor conducted a social engineering attack on
Mailchimp employees and contractors, and obtained access to select
Mailchimp accounts using employee credentials compromised in that
attack,” the Intuit-owned company said[1]
in a disclosure.

The development was first reported[2]
by TechCrunch.

Mailchimp said it identified the lapse on January 11, 2023, and
noted that there is no evidence the unauthorized party breached
Intuit systems or accessed customer information beyond the 133
accounts.

It further said the primary contacts for all those affected
accounts were notified within 24 hours, and that it has since
assisted those users in regaining access to their accounts.

The Atlanta-based company, however, did not reveal how long the
intruder remained on its systems or the exact types of information
accessed.

But WooCommerce, which is one of the breached accounts, said the
incident exposed users’ names, store URLs, addresses, and email
addresses but not their payment data, passwords, or other sensitive
information.

In the past year alone, Mailchimp has been the victim of two
different breaches, the first of which involved a malicious actor
gaining unauthorized access to 319 customer accounts[3] in April
2022 with the goal of carrying out crypto phishing scams.

Then in August 2022, it fell for another elaborate social
engineering attack orchestrated by a group called 0ktapus (aka
Scatter Swine[4]) that resulted in the
compromise of 216 customer accounts[5].


References

  1. said (mailchimp.com)
  2. first reported (techcrunch.com)
  3. 319 customer accounts (thehackernews.com)
  4. Scatter Swine (thehackernews.com)
  5. 216 customer accounts (thehackernews.com)
  6. Twitter (twitter.com)
  7. LinkedIn (www.linkedin.com)
