Data Security

Mailchimp hacked again in 6 months. One more reason of not using MailChimp email marketing platform

MailChimp, a company that specializes in email marketing, admitted that their system had been breached by hackers. Mailchimp, a company that specializes in email marketing and newsletters, reports that it was hacked and that the data of hundreds of its clients was made public. In the last one year and a half, this is the business’s second instance of being hacked. Even more concerning is the fact that this breach looks to be almost comparable to an earlier occurrence.

The company, which is owned by Intuit, stated in a  blog post that its security team discovered an intruder on January 11 accessing one of its internal tools used by Mailchimp customer support and account administration. However, the company did not disclose how long the intruder was in its systems, if this information is known. According to Mailchimp, the hacker used social engineering to get access to the company’s workers and contractors. Social engineering is a sort of manipulation in which a person utilizes tactics such as phone calls, emails, or texts to acquire private information such as passwords. The hacker then used those hacked staff credentials to obtain access to data on 133 Mailchimp accounts, which the firm alerted of the incursion after discovering the breach.

E-commerce giant WooCommerce’s account was one of several who were compromised in this attack. WooCommerce said in a statement to its customers that it was informed by Mailchimp a day later that the breach may have exposed the names, store web URLs, and email addresses of its customers. However, the company claimed that no user passwords or other personal data was stolen.

Mailchimp is the service that WooCommerce use in order to send emails to its clients. WooCommerce is a company that develops and maintains popular open source e-commerce software for small enterprises. It has been reported that WooCommerce serves more than five million consumers.

If you feel like you’ve heard any of this before, it’s probably because you have. Mailchimp said in August of last year that company had been the target of a social engineering assault that had resulted in the credentials of its customer care workers being hijacked. This gave the attacker access to Mailchimp’s internal tools. During the incident, the data on around 214 Mailchimp accounts, the most of which were associated to bitcoin and the financial sector, were stolen. 
At the time, Mailchimp said that it had put into place “an extra set of strengthened security measures.”

To Top

Pin It on Pinterest

Share This