Mailchimp

NJCCIC Data Breach Notification

Original Release Date: 1/19/2023

On January 13, email marketing company Mailchimp released a security report detailing a breach caused by a compromised customer service employee account. On January 11, the Mailchimp security team discovered an unauthorized actor accessing a Mailchimp customer service and administration tool. Mailchimp determined that the initial attack vector was a phishing attack. This attack vector allowed the threat actor to launch social engineering attacks and access customer information.

Mailchimp temporarily suspended access to accounts that exhibited unusual behavior, and the investigation into the incident revealed that 133 customer accounts were affected. Mailchimp notified the primary contacts of all involved accounts on January 12 and emailed them instructions to securely regain access to their accounts. While Mailchimp did not release further details in its report for security reasons, it shared that neither password nor credit card information was compromised in the breach. WooCommerce, one of Mailchimp’s customers affected by the breach, revealed that the breach may have exposed the names, store addresses, and email addresses of affected companies.

So far, there is no indication that the exposed customer data has been used maliciously. However, the stolen information could be used to conduct targeted phishing attacks to steal additional information. Before this incident, Mailchimp was breached in August 2022 by a similar phishing attack, in which 214 accounts were exposed.

New Jersey Cybersecurity & Communications Integration Cell
