More than 100 Mailchimp accounts accessed via social engineering cyberattack
Jonathan Greig January 18, 2023

A hacker accessed 133 Mailchimp accounts using a social engineering attack on company employees and contractors, the company announced on Tuesday.

In a statement first reported by TechCrunch, the email marketing firm said the attack occurred on January 11. Using employee credentials compromised in that incident, the attacker then targeted the 133 accounts.

“After we identified evidence of an unauthorized actor, we temporarily suspended account access for Mailchimp accounts where we detected suspicious activity to protect our users’ data. We notified the primary contacts for all affected accounts on January 12, less than 24 hours after initial discovery,” the company said.

“That afternoon, we sent another email to affected accounts with steps to help users reinstate access to their Mailchimp accounts safely. Since then, we’ve been working with our users directly to help them reinstate their accounts, answer questions, and provide any additional support they need.”

The statement urged affected customers to contact the company if they have further questions.

The company said it is continuing to investigate the incident, and it did not respond to questions about what kind of accounts were targeted in the attack.

A nearly identical situation occurred last April, when a hacker accessed internal tools used by customer-facing teams for customer support and account administration to break into 319 Mailchimp accounts for companies in the cryptocurrency and finance industries.

At the time, Siobhan Smyth, Mailchimp’s chief information security officer, told The Record that the hacker similarly conducted a social engineering attack against an employee and stole their credentials. 

Services like Mailchimp are frequent targets for hackers due to their connections to a wide variety of organizations.

Email and text message marketing company WordFly was hit with ransomware last July, triggering fallout for organizations that use the service, including the Smithsonian, the Toronto Symphony Orchestra, Canada Stage, the Royal Shakespeare Company and several other major organizations around the world. 

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.