Mailchimp suffers another major data breach following employee hack

Top email marketing firm Mailchimp has suffered a data breach after hackers managed to steal login credentials from its employees.

The company confirmed the news in a notification sent out to affected customers, noting that threat actors pulled off a successful social engineering attack against its employees and contractors, giving them access to internal customer support and account administration tools. 

Mailchimp said it spotted the suspicious activity on January 11 and quickly suspended access to the affected accounts.

More than a hundred victims

"After we identified evidence of an unauthorized actor, we temporarily suspended account access for Mailchimp accounts where we detected suspicious activity to protect our users’ data," the company said in the announcement. "We notified the primary contacts for all affected accounts on January 12, less than 24 hours after initial discovery."

Further investigation uncovered that a total of 133 customers were affected by the breach, including WooCommerce, a popular eCommerce plugin for WordPress.

WooCommerce sent out a warning to its users, saying that while names, store URLs, addresses, and email addresses were most likely accessed, payment data, passwords, and other sensitive data were not. The company also said there is no evidence at the moment that the attackers are using the obtained information. Still, this type of data rarely goes unused, as it's a powerful weapon in phishing attacks, business email compromise attacks, and other identity theft attacks.

This is not the first time Mailchimp has made headlines for all the wrong reasons. In April 2022, the company announced a data breach, with attackers getting away with more than a hundred mailing lists. The mailing lists were later used to target people with phishing attacks, in an attempt to steal their money and cryptocurrency holdings.

With the stolen credentials, the attackers accessed 319 Mailchimp accounts and exported "audience data", including mailing lists from 102 customer accounts.

They also accessed API keys (now defunct) from an unknown number of customers. With the keys, the attackers could create custom email campaigns and send them to mailing lists without accessing the Mailchimp customer portal.

One of the companies whose customers were targeted with a phishing attack was hardware crypto wallet company Trezor. 

Via: BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
