Twice in 6 months: the Mailchimp email service has been hacked again


Fanny Dufour

January 23, 2023 at 5:30 p.m.


Mailchimp is off to a bad start in 2023. After several intrusions into its systems in 2022, which allowed attackers to obtain data on its customers, the company was again the victim of a hack at the start of the year.

According to Mailchimp, which warned its customers the day after detecting the unauthorized access, 133 accounts were affected by the attack.

A second attack in 6 months and the third in a year

The losing streak continues for Mailchimp. In April 2022, the company confirmed that it had suffered an attack. Using social engineering techniques, the attackers had managed to obtain the credentials of the service's employees, which they used to access 319 Mailchimp accounts and retrieve data from 102 of them. As a result, users of Trezor, a company specializing in physical cryptocurrency wallets and a Mailchimp client, received phishing emails asking them to change their wallet PIN by downloading software. The software in question was malicious and could allow the hackers to steal their victims' cryptocurrencies. The attackers were able to obtain emails from Trezor customers during their attack on Mailchimp.

In August 2022, history repeated itself: Mailchimp employees were the victims of an attack that again used social engineering and that had targeted numerous companies, including Signal. 214 accounts were affected by the incident, including that of DigitalOcean. And in January 2023, the same again: social engineering, employees falling for it, and accounts compromised by attackers accessing internal company tools. This time the hackers were able to access 133 accounts.

WooCommerce affected by the attack

WooCommerce, the very popular e-commerce plugin for WordPress, has indicated in an email to its customers that its Mailchimp account has been compromised. Although WooCommerce tried to reassure its users by telling them that no sensitive data, such as their banking information or their passwords, had been taken, the attackers nevertheless left with names, postal addresses, email addresses and online store URLs. Judging by what happened to Trezor customers in April 2022, WooCommerce users are therefore likely to soon see phishing attempts aimed at stealing their accounts or getting them to install malware.

When Mailchimp was attacked in April 2022, the company's CISO at the time, Siobhan Smyth, told TechCrunch that additional security measures had been taken to prevent future attacks, while refusing to go into details. Judging by this new attack, it would seem that, unfortunately, they were not enough.


Sources: TechCrunch, BleepingComputer


