Email marketing giant Mailchimp has confirmed a data breach after attackers hacked into the company’s internal tool to access customer accounts.
In a statement to gaming-updates, Mailchimp’s chief information security officer, Siobhan Smith, said the company became aware of the breach on March 26, when it discovered an attacker who had access to passwords used by the company’s customer support and account management team and had access to tools. The access attempt followed a successful social engineering attack, a type of attack that exploits human error and uses manipulation techniques to obtain personal information, access, or valuables.
“We quickly responded to the situation by eliminating access to compromised employee accounts and took steps to prevent exposure to other employees,” Smith said.
But not quickly enough, as the hackers looked at about 300 Mailchimp accounts and successfully exported audience data from 102 of them, the company said. Mailchimp declined to say exactly what data was accessed, but told gaming-updates that the hackers are targeting customers in the cryptocurrency and financial sectors. In addition to viewing accounts and exporting data, the attackers gained access to API keys for an undisclosed number of clients, allowing the attackers to send fake emails; those keys are now disabled and no longer used. Smith said, however, that Mailchimp has received several reports of hackers using information obtained from user accounts to send phishing campaigns to their contacts.
“If we become aware of unauthorized access to an account, we will notify the account owner and take immediate steps to suspend further access,” Smith told gaming-updates. “We also recommend two-factor authentication and other account security measures to our users as additional measures to keep accounts and passwords secure.”
Smith declined to answer our questions about any additional security measures Mailchimp is taking to prevent future attacks.
The incident, first reported by Bleeping Computer, comes after cryptocurrency wallet maker Trezor confirmed on Twitter over the weekend that its users had been targeted by phishing emails due to the Mailchimp hack. Trezor uses Mailchimp to send newsletters to clients. These malicious emails encouraged Trezor users to reset their hardware wallet PIN by downloading malicious software.
Mailchimp has not said how many other cryptocurrency services or financial institutions were affected by the incident.