Hackers Compromised MailChimp Service to Steal User Data and Conduct Phishing Attacks
A data breach has been recently reported by Mailchimp, and in this event, hackers have gained access to customer accounts by compromising an internal tool of the company itself.
After the company spotted a hacker accessing a tool used for customer support and account administration, an employee of the company realized that the intrusion has happened on March 26.
Owners of cryptocurrency wallet company, Trezor hardware cryptocurrency wallets have been receiving phishing notifications about a data breach accusing the Trezor company of having experienced.
Customers of Trezor were asked to reset their hardware wallet PINs upon receiving the emails, in which they were encouraged to download malicious software that spied on their wallets and allow the hackers to steal cryptocurrency.
Crypto Industry Targeted
Apart from this, later it has been clarified, that through phishing attacks the threat actors have targeted the cryptocurrency industry by compromising the MailChimp.
Here’s what Mailchimp CISO, Siobhan Smyth stated:-
“We acted swiftly to address the situation by terminating access for the compromised employee accounts and took steps to prevent additional employees from being affected.”
All the compromised credentials were abused by the hackers to:-
- Access 319 MailChimp accounts.
- Exported data from 102 accounts.
A number of API keys for an undisclosed number of customers were also accessed by the threat actors in addition to viewing accounts and exporting data. There are now no longer any API keys that can be used for this purpose because they have been disabled.
While several users have reported To MailChimp that their API keys were accessed illicitly, the threat actors have conducted phishing campaigns by exploiting those keys.
All these keys were exploited against the stolen contacts but the experts have not yet disclosed any information about those attacks.
Recommendation
In order to ensure that customers’ accounts are protected properly, MailChimp strongly recommended their users immediately implement the following security measures:-
- Enable a two-factor authentication mechanism.
- Immediately change your password.
- Always use a complex password.
- Do a proper security checkup.
- Change the passwords for other services as well, in case use of the same password.
Moreover, MailChimp has claimed that for further security precautions and security of their users, they are completely prepared to combat situations like this.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
