
Mailchimp data breach impact unravels as second customer reveals extent of damage

Mailchimp customers affected by a recent data breach have warned users to “remain vigilant” of heightened security threats

Numerous Mailchimp customers are now warning users that they might face increased risks of phishing attacks in the wake of a recent data breach.

Online gambling firm FanDuel became the latest Mailchimp client to advise customers of a potential wave of security risks in the wake of the incident.  

Reports over the weekend revealed that the sports betting site issued a warning to users, urging them to “remain vigilant” of phishing emails.  

“Recently, we were informed by a third-party technology vendor that sends transactional emails on behalf of its clients like FanDuel that they had experienced a security breach within their system that impacted several of their clients,” read an email distributed to users.  

FanDuel added that the vendor in question had confirmed that customer names and email addresses were “acquired by an unauthorised actor”.

“No customer passwords, financial account information, or other personal information was acquired in this incident,” the email read.  

"Remain vigilant against email 'phishing' attempts claiming an issue with your FanDuel account that requires providing personal or private information to resolve the problem," the email added.

"FanDuel will never email customers directly and request personal information to resolve an issue." 

WooCommerce, a popular ecommerce plug-in for WordPress, was among the first customers to begin warning users. In an advisory to users, the ecommerce platform confirmed that it was one of the clients affected by the breach.

“The breach may have resulted in some of the information you share with us, including your name, store URL, address, and email address, being exposed,” WooCommerce said in an email to customers.  

“No payment data, passwords, or other sensitive security information is part of this breach. Your store and customer data have not been impacted by this incident, nor have your accounts.”

What happened in the Mailchimp breach?

The US-based email marketing giant confirmed on 13 January that around 133 customers had been impacted by a breach, which came as a result of a social engineering attack on a Mailchimp employee.  

Mailchimp said audience data was obtained in the breach, which includes email addresses and customer names. However, the company said at the time that no customer password or credit card information had been compromised in the attack.  

“Based on our investigation to date, this targeted incident has been limited to 133 Mailchimp accounts,” the company said. “There is no evidence that this compromise affected Intuit systems or customer data beyond these Mailchimp accounts."


The incident marks the second breach at the all-in-one marketing platform in less than 12 months. In April last year, Mailchimp dealt with another security incident in which attackers gained access to its internal tools and used them to reach customer records.

In this case, hackers were able to view 319 of Mailchimp's customer accounts and extracted data from 102 of those - a similar scale to the latest breach.

The immediate fears were the same in last year's incident: customers were likely to receive targeted phishing emails.

Domino effect of Mailchimp breach

While security incidents such as the Mailchimp breach don’t directly result in compromised user accounts, there is a significant risk that exposed information such as email addresses and names can create a ‘domino effect’ of security risks further down the line.

Exposed information is commonly used by threat actors to target users with convincing phishing emails (the attacker now knows which vendor the victim has a relationship with) or to trigger password resets in an attempt to take over accounts. This has occurred repeatedly in recent years.

Among the victims in last year's Mailchimp breach was cloud computing provider, DigitalOcean, which criticised the company’s handling of the incident and revealed that a “small number” of customers experienced attempted compromise of their accounts through password resets.
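The password-reset abuse described above is something a service can watch for once a vendor has told it which addresses were exposed. The following is an added example, not code from this article or from Mailchimp, DigitalOcean or any other company named here; it assumes a constructed list of exposed addresses and a constructed, simplified auth-log format ("timestamp event email source-ip"), and flags any source IP that requests resets for several exposed addresses in a short window, plus the share of all reset traffic that targets exposed addresses.

```python
"""Detect password-reset activity aimed at addresses exposed in a vendor breach.

Everything below (addresses, IPs, log lines, format) is constructed for the
example; adapt parse_log() to your real authentication logs.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Hypothetical: addresses a vendor reported as exposed in its breach notice.
EXPOSED = {"alice@example.com", "bob@example.com", "carol@example.com"}

# Constructed sample auth log, one event per line:
# "<ISO-8601 UTC timestamp> <event> <email> <source-ip>"
SAMPLE_LOG = """\
2023-01-17T09:00:01Z reset_requested alice@example.com 203.0.113.10
2023-01-17T09:00:05Z reset_requested bob@example.com 203.0.113.10
2023-01-17T09:00:09Z reset_requested carol@example.com 203.0.113.10
2023-01-17T09:30:00Z reset_requested dave@example.com 198.51.100.7
2023-01-17T10:15:00Z reset_requested alice@example.com 203.0.113.10
2023-01-17T11:00:00Z login_success alice@example.com 192.0.2.44
"""


def parse_log(text):
    """Parse the constructed log format into (timestamp, event, email, ip) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, event, email, ip = line.split()
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
                       event, email.lower(), ip))
    return events


def find_reset_campaign(events, exposed, window=timedelta(minutes=10), threshold=3):
    """Return {source_ip: [targeted exposed addresses]} for every IP that requested
    resets for at least `threshold` distinct exposed addresses within `window`.

    Legitimate users reset one account; an attacker working from a breach list
    walks through many addresses from the same place in quick succession.
    """
    per_ip = defaultdict(list)  # ip -> [(timestamp, email)]
    for ts, event, email, ip in events:
        if event == "reset_requested" and email in exposed:
            per_ip[ip].append((ts, email))

    hits = {}
    for ip, reqs in per_ip.items():
        reqs.sort()
        start = 0
        # Sliding window over the sorted reset requests from this IP.
        for end in range(len(reqs)):
            while reqs[end][0] - reqs[start][0] > window:
                start += 1
            distinct = {email for _, email in reqs[start:end + 1]}
            if len(distinct) >= threshold:
                hits[ip] = sorted(distinct)
                break
    return hits


def exposed_reset_ratio(events, exposed):
    """Fraction of reset requests that target exposed addresses.

    On its own a single reset is noise; a jump in this ratio right after a vendor
    notification is a campaign-level signal worth alerting on.
    """
    resets = [e for e in events if e[1] == "reset_requested"]
    if not resets:
        return 0.0
    return sum(1 for e in resets if e[2] in exposed) / len(resets)


if __name__ == "__main__":
    evts = parse_log(SAMPLE_LOG)
    for ip, targets in find_reset_campaign(evts, EXPOSED).items():
        print(f"ALERT reset campaign from {ip}: {', '.join(targets)}")
    print(f"share of resets hitting exposed addresses: {exposed_reset_ratio(evts, EXPOSED):.0%}")
```

On the constructed log this flags 203.0.113.10, which requested resets for all three exposed addresses within ten seconds, while the single reset from 198.51.100.7 for an unexposed address is ignored. The thresholds are assumptions to tune against your own baseline; a practical companion control is to require a second factor or an existing authenticated session before honouring a reset for any address on the vendor's exposed list.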

More recently, a major data breach at telecoms provider T-Mobile prompted the company to issue an urgent warning that customers may face a wave of phishing attacks after email addresses and account information were leaked online.
