Hackers Abuse MailChimp Internal Tool to Steal Cryptos
Hackers have managed to gain access to MailChimp’s digital work environment. The attackers tried to steal customer data from users of the newsletter service via an internal tool. The perpetrators have seen data from 319 customers, data has actually been stolen from 102 customers.
Siobhan Smyth, the Chief Information and Security Officer (CISO) at MailChimp, told TechCrunch.
‘Prevent worse by acting quickly’
In a statement, the head of security said MailChimp was aware of the digital breach on March 26. Then the company noticed that an unauthorized person had access to a tool used by its customer support and account management department. He managed to obtain the password for this tool through social engineering.
“We acted quickly to address the situation by terminating access for the compromised employee accounts and took steps to prevent additional employees from being affected,” Smyth told TechCrunch.
The perpetrator managed to access data from 319 MailChimp accounts, BleepingComputer writes. He was able to successfully steal information from 102 customers. MailChimp will not say exactly what data the hacker has stolen.
Offenders target crypto service providers
What the provider of the eponymous newsletter service does confirm is that the attackers had their sights set on customers dealing with cryptocurrency and financial services. The hackers managed to obtain the API key from an unknown number of customers. This makes it possible to send falsified e-mails and newsletters to their supporters on behalf of these customers. It is a well-known tactic to obtain personal data from unsuspecting victims. We also call this phishing.
One of the victims was Trezor, a company that makes hardware wallets for cryptocurrencies. The company announced via Twitter that customers were being approached with phishing messages. In it, the attackers advised installing malicious software. Through this malware, the perpetrators tried to steal crypto coins.
“When we become aware that an account has unauthorized access, we notify the owner and immediately take action to restrict further access,” said Smyth. MailChimp advises users to implement two-factor authentication and other security measures to protect their accounts and passwords.
MailChimp takes additional security measures
MailChimp apologizes for the incident and the uncertainty it has caused customers. “We are proud of our security culture, infrastructure, and the trust our customers place in us to protect their data. We are confident in the security measures and robust processes we have in place to protect our users’ data and prevent future incidents,” Smyth said in a press statement.
The company did not say what additional security measures MailChimp has taken to prevent a recurrence.
Catch up on more articles here
Follow us on Twitter here