The well-known email marketing company MailChimp has suffered another security breach. Attackers ran a social engineering attack against Mailchimp employees and contractors, used the employee credentials compromised in that attack to reach an internal customer support and account administration tool, and through it gained access to Mailchimp customer accounts.
The breach notification follows an unattributed MailChimp blog post stating that its security team detected an intruder on January 11 accessing one of the internal tools used by Mailchimp customer support and account administration staff. The company did not say how long the intruder had been in its systems.
"After we identified evidence of an unauthorized actor, we temporarily suspended account access for Mailchimp accounts where we detected suspicious activity to protect our users’ data. We notified the primary contacts for all affected accounts on January 12, less than 24 hours after the initial discovery." - MailChimp noted.
In this incident, 133 Mailchimp customer accounts were affected. The company stated that the compromise does not affect Intuit systems or customer data beyond these Mailchimp accounts.
One of the affected customers in this breach is the massively popular WooCommerce eCommerce plugin for WordPress.
WooCommerce has emailed customers, warning them that the MailChimp breach exposed their names, store URLs, addresses, and email addresses, though it said no customer passwords or other sensitive data was taken.
This is the second time MailChimp has been breached. In April 2022, users of the Trezor hardware cryptocurrency wallet began receiving fake data breach notifications prompting them to download a malicious Trezor Suite application that would steal their recovery codes.
It was later confirmed that the MailChimp service had been compromised. In that breach, the attackers accessed 319 MailChimp accounts and exported audience data from 102 customer accounts.