Email marketing company Mailchimp has suffered another data breach. Threat actors could access the data of 133 customers after gaining access to employee credentials via a social engineering attack on the company’s employees and contractors.
The hackers could access Mailchimp’s internal customer support and account administration tools. The breach was detected on January 11 after Mailchimp found evidence of unauthorised access to their support tools. All 133 customers were informed of the incident by January 12.
While Mailchimp hasn’t announced the names of the impacted customers, TechCrunch reports that the WooCommerce Wordpress plugin was amongst the impacted parties. WooCommerce has subsequently informed customers that their names, store URLs, addresses and email addresses have been exposed.
WooCommerce hasn’t seen any evidence of data misuse yet, and Mailchimp maintains that the breach did not impact intuit systems or customer data beyond the affected accounts. The latter also assured that no financial information or credentials were compromised in the breach.
There’s no information on who the threat actor might be or if they’ve abused the exposed data at the time of writing. Mailchimp has stated that it’s implementing “an additional set of enhanced security measures” in place but hasn’t stated what these measures are.
The investigation is still ongoing, stated Mailchimp in a statement shared with the BleepingComputer. This also includes identifying measures to further protect the platform. However, it has refused to state its actions for “operational security publicly”.
Mailchimp was previously breached in August 2022 similarly when a social engineering attack compromised the account of one of its customer support staff. This gave the attacker access to internal company tools.
214 customers, including DigitalOcean, Edge Wallet, Cointelegraph, Messari, Decrypt, Ethereum FESP and Edge Wallet, were impacted by the breach.