It has been confirmed that email marketing giant Mailchimp has had a significant data breach after malicious hackers utilised internal company programming tools to gain access to customer accounts.
During an interview with TechCrunch, Mailchimp CISO Siobhan Smyth confirmed that the company had become aware of an intrusion on March 26 after identifying a malicious actor accessing a tool used internally by customer support and account administration teams.
The hackers performed a social engineering attack, a technique that exploits human error and relies on manipulation to obtain private information, access or valuables. Smyth stated that “we acted swiftly to address the situation by terminating access for the compromised employee accounts and took steps to prevent additional employees from being affected.”
However, quick as the response was, it was not quick enough: the hackers viewed approximately 300 Mailchimp accounts and managed to export audience data from 102 of them. Mailchimp has declined to say exactly what data was accessed but told TechCrunch that the attackers focused on customers in the cryptocurrency and finance sectors.
On top of this, the hackers gained access to API keys belonging to an unknown number of customers, which would have allowed them to send spam emails from the hacked customers’ accounts. Apparently, Smyth received reports of the hackers sending phishing emails from some customers’ accounts.
Furthermore, Smyth stated that, “when we become aware of any unauthorized account access, we notify the account owner and immediately take steps to suspend any further access.” Smyth also recommended that users enable two-factor authentication and other security measures to keep their personal details and accounts secure.
It is unclear what additional security measures Mailchimp will implement to prevent future attacks.