Mailchimp an email marketing service provider, has been the victim of a cyberattack that aimed to access the accounts of those customers who have a cryptocurrency portfolio.
Mailchimp’s Chief Information Security Officer (CISO), Siobhan Smyth has acknowledged that his company was aware of the attack on March 26, in a statement to the US media TechCrunch.
That’s when “a malicious actor was identified accessing a tool used by the company’s customer service and account management teams.”
The attacker gained access after successfully performing a hack attack. social engineering which served him to manipulate Mailchimp workers into giving him their credentials.
Smyth has claimed that Mailchimp acted “quickly” by terminating access to compromised employee accounts and taking steps to prevent “other workers would be affected.”
The company’s action was not quick enough, and the cybercriminals gained access to 300 Mailchimp accounts by successfully exporting audience data from 102 of them.
In his statement to TechCrunch, Smyth has refused to specify what data the attackers had access to.but it did reveal that the hit was targeting clients in the finance and cryptocurrency sector.
TREZOR, THE ONLY CRYPTO COMPANY AFFECTED SO FAR
So far, the only company that has acknowledged being a victim of this cyberattack is the cryptocurrency wallet manufacturer, Trezor.
MailChimp have confirmed that their service has been compromised by an insider targeting crypto companies.We have managed to take the phishing domain offline. We are trying to determine how many email addresses have been affected. 1/
– Vault (@Trezor) April 3, 2022
In a statement published on its official Twitter account, the group claims to have knocked out the domain affected by ‘phishing’ in the absence of checking “how many email accounts have been affected”.
The company adds that it is not recommended “to open any mail that appears to come from Trezor until further notice.” In addition, it asks its users to make sure to “use anonymous email addresses for any activity related to Bitcoin”.