email envelopes bombard
Hackers Monkey Around with MailChimp, Second Data Breach in 6 Months

MailChimp, a popular email marketing company, recently announced that it had suffered a data breach in which 133 customers’ information was stolen by hackers who used social engineering tactics to gain access to the company’s account admin and customer support tools. This marks the second time in six months that MailChimp has experienced a breach. 

In response to the incident, the company suspended account access for those accounts that showed suspicious activity to protect customers’ data. MailChimp also stated that they notified affected customers within 24 hours of the breach’s discovery and emphasized that no credit card or password information was stolen. 

One of the victims of the breach was the WooCommerce eCommerce plugin for WordPress, which is widely used by businesses. WooCommerce noted that hackers may use the stolen information to attempt to steal further credentials of other victims or install malware through phishing or social engineering attacks. 

It is worth noting that previous breaches at MailChimp led to a leak of Trezor customer data, which was then used for further hacking attempts. The company had previously claimed to have increased their security measures, but the recent breach suggests otherwise. 

TechCrunch reports that It’s not immediately clear who, if anyone, is responsible for cybersecurity at Mailchimp following the departure of its chief information security officer Siobhan Smyth shortly after the August (previous) breach.” 

This incident highlights the importance of cybersecurity for businesses, as well as the need for companies to regularly review and update their security measures to protect against evolving cyber threats. It is also important for companies to have a clear and effective incident response plan in place to quickly contain and mitigate the impact of a breach.

We at Motiva Networks can help you plan and see if your data has been compromised with a Free Confidential Cybersecurity Risk Assessment. Or you can schedule a quick 10-minute call to discuss the best options for your Agency or small business, or go over any questions you might have HERE