MailChimp data leak affects crypto and cloud customers
At MailChimp, customer data has again been copied without permission. The mail service provider suspects targeted attacks against users from the crypto industry.
The mail service provider MailChimp has repeatedly struggled with the loss of customer data. According to a statement, customers from the crypto industry are mainly affected, whose personal data is particularly sought after by cyber criminals for phishing attacks. But the cloud service provider DigitalOcean also informed some of its customers last night that their e-mail address had been copied without permission.
Target crypto wallets
Attacks on crypto wallets are a lucrative source of income for criminals. However, in order to be able to send deceptively real phishing e-mails precisely, e-mail addresses are required whose owners have an account with the targeted exchange. Email service providers are therefore a worthwhile target for supply chain attacks – Mailchimp was an involuntary accomplice in a phishing attack on the wallet manufacturer Trezor back in April.
Now Mailchimp has once again informed its customers about a successful break-in in a cryptic blog post. Although the service provider focuses on its customers from the crypto industry in the article and does not mention the unauthorized outflow of data with a syllable, the cloud provider DigitalOcean – which sent its customer newsletters via Mailchimp – is clearer in its own security report.
The successful attack on the Mailchimp account was noticed as early as August 8, and some of the customer email addresses stored there were viewed and fished out by criminals. All customers affected by the data leak have been informed and some DigitalOcean accounts that have been attacked with password reset attacks have been secured. In addition, the cloud service provider immediately terminated its business relationship with Mailchimp.
DigitalOcean calls on its customers to be more vigilant against targeted phishing attacks and recommends – as is now common in such security advice – the activation of two-factor authentication for the cloud account.
