Mailchimp security breach exposes DigitalOcean customer data
DigitalOcean has reported a recent security incident at MailChimp, which has resulted in some customers' email addresses being leaked, with a small number of them receiving unauthorised password resets.
Mailchimp has detailed that the attackers used phishing and social engineering techniques. Meanwhile, DigitalOcean's investigation found that an unauthorised email address from the @arxxwalls.com domain was added to its Mailchimp account.
Both companies are still investigating what happened, and, additionally, DigitalOcean has changed its email service provider.
References:
- 12/08/2022 mailchimp.com Information About a Recent Security Incident Targeting Crypto Companies
- 15/08/2022 digitalocean.com Impact to DigitalOcean customers resulting from Mailchimp security incident
- 11/08/2022 diariobitcoin.com Mailchimp suspende varias cuentas relacionadas con criptomonedas, según denuncias
- 16/08/2022 theregister.com Digital Ocean dumps Mailchimp after attack leaked customer email addresses
- 17/08/2022 unaaldia.hispasec.com DigitalOcean se deshace de Mailchimp tras el ataque que sufrieron