MailChimp Discloses New Breach After Employees Got Hacked

Email marketing and newsletter giant Mailchimp disclosed a new data breach after employees got hacked. Mailchimp confirmed that dozens of customers’ data were exposed. It’s the second time the company was facing a data breach in the past six months. However, this breach appears to be almost identical to a previous incident.

MailChimp Discloses New Breach After Employees Got Hacked

The company confirmed in a blog post that its security team detected an intruder on January 11 accessing one of its internal tools used by Mailchimp customer support and account administration. However, the company did not reveal for how long the intruder was in its systems.

Check Also: GoTo & LastPass Hacked- Customer’s Data Accessed in Breach

Mailchimp said the hacker targeted its employees and contractors with a social engineering attack. The hackers used the manipulation techniques by phone, email or text to gain private information, like passwords. The company also confirmed that the hacker gained access to data on 133 Mailchimp accounts.

One of those targeted accounts belongs to e-commerce giant WooCommerce. In a note to customers, WooCommerce also confirmed that the breach may have exposed the names, store web addresses and email addresses of its customers. However, the company also assured that no customer passwords or other sensitive data were taken.

Last August, Mailchimp also became a victim of a similar data breach. In that breach, data on some 214 Mailchimp accounts were compromised, mostly of cryptocurrency and finance-related accounts.

Mailchimp said at the time that it had implemented “an additional set of enhanced security measures.” But after this breach, it seems like those measures failed. It’s not clear who is responsible for cybersecurity at Mailchimp.

See Also: Hackers Breach Norton Password Manager Accounts