The popular email marketing and newsletter platform Mailchimp was hacked twice in the past six months.
The news of a new security breach was confirmed by the company, the incident exposed the data of 133 customers.
Threat actors targeted the company’s employees and contractors to gain access to an internal support and account admin tool.
“On January 11, the Mailchimp Security team identified an unauthorized actor accessing one of our tools used by Mailchimp customer-facing teams for customer support and account administration. The unauthorized actor conducted a social engineering attack on Mailchimp employees and contractors, and obtained access to select Mailchimp accounts using employee credentials compromised in that attack.” reads the notice published by the company. “Based on our investigation to date, this targeted incident has been limited to 133 Mailchimp accounts.”
The company added that there is no evidence that this security breach affected Intuit systems or other customer data beyond the reported 133 accounts.
The malicious activity was discovered on January 11, 2023, in response to the intrusion the company temporarily suspended access for impacted accounts. The company also notified the primary contacts for all affected accounts less than 24 hours after the initial discovery.
According to TechCrunch, one of the compromised accounts belongs to e-commerce giant WooCommerce.
“In a note to customers, WooCommerce said it was notified by Mailchimp a day later that the breach may have exposed the names, store web addresses and email addresses of its customers, though it said no customer passwords or other sensitive data was taken.” reads the post published by TechCrunch. “WooCommerce, which builds and maintains popular open source e-commerce tools for small businesses, relies on Mailchimp for sending emails to its customers. WooCommerce is said to have more than five million customers.”
Mailchimp suffered a similar breach in April 2022, threat actors gained access to internal tools of the email marketing giant to conduct phishing attacks against crypto customers.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, data breach)
[adrotate banner=”5″]
[adrotate banner=”13″]