Customer data has been exposed as Mailchimp is hit by yet another cyber attack this month. The security team detected an intruder on January 11th, who had gained access to an internal tool used by Mailchimp customer support and account administration staff, although it is unclear how long the intruder had been in the systems.
The attacker targeted Mailchimp's employees and contractors with social engineering, using manipulation by phone, email, or text to gather private information such as passwords. Using those compromised employee passwords, the hacker gained access to data on 133 Mailchimp accounts.
One of the accounts targeted belongs to e-commerce giant WooCommerce, which was notified by Mailchimp a day later that the names, store web addresses, and email addresses of its customers may have been exposed in the breach. Mailchimp has said that no customer passwords or other sensitive data were taken.
In August 2022, Mailchimp was the victim of a social engineering attack which compromised the credentials of its customer support staff, enabling the intruder to access internal tools. Data on some 214 Mailchimp accounts was compromised, mainly cryptocurrency and finance-related accounts. DigitalOcean confirmed that its accounts were among those compromised and criticised Mailchimp's handling of the incident.
It is not yet known who has been responsible for cybersecurity at Mailchimp since the departure of its Chief Information Security Officer, Siobhan Smyth, after the August breach.