MailChimp has been hit by a cyber attack. Attackers managed to gain access to systems of the American platform through social engineering. They were mainly looking for data from mailing lists related to cryptocurrencies.
The attack on MailChimp, a popular service for creating and managing mailing lists and email campaigns, has been confirmed by the company to Bleeping Computer.
The problems were discovered after customers of Trezor, a provider of so-called hardware wallets, received reports of a data breach at the company. In reality, it was a phishing attack with which the attackers tried to trick Trezor customers into installing malware. This with the presumed purpose of stealing cryptocurrencies from victims via malware.
The email addresses to which the phishing emails were sent appear to have been captured in the attack on Trezor. MailChimp reports to Bleeping Computer that the attackers have compromised 319 customer accounts.
The perpetrators managed to steal data from 102 accounts. They also got access to MailChimp APIs, with which they could set up their own mailing campaigns outside the MailChimp dashboard.