Mailchimp security breach exposes DigitalOcean customer data

DigitalOcean has reported a recent security incident at MailChimp, which has resulted in some customers' email addresses being leaked, with a small number of them receiving unauthorised password resets.

Mailchimp has detailed that the attackers used phishing and social engineering techniques. Meanwhile, DigitalOcean's investigation found that an unauthorised email address from the @arxxwalls.com domain was added to its Mailchimp account.

Both companies are still investigating what happened, and, additionally, DigitalOcean has changed its email service provider.

References:

12/08/2022 mailchimp.com Information About a Recent Security Incident Targeting Crypto Companies
15/08/2022 digitalocean.com Impact to DigitalOcean customers resulting from Mailchimp security incident
11/08/2022 diariobitcoin.com Mailchimp suspende varias cuentas relacionadas con criptomonedas, según denuncias
16/08/2022 theregister.com Digital Ocean dumps Mailchimp after attack leaked customer email addresses
17/08/2022 unaaldia.hispasec.com DigitalOcean se deshace de Mailchimp tras el ataque que sufrieron

Tags:

Corporate access

Mailchimp security breach exposes DigitalOcean customer data