Data Breach

Mailchimp Data Breach

133 records exposed • January 2023

Mailchimp got hacked again - their third time in less than a year. Hackers tricked employees into giving up their passwords, then stole customer data.

What Happened

Mailchimp suffered its third breach in less than a year when attackers used social engineering to access employee accounts and steal customer API keys.

Attack method: Social engineering against employees

What Data Was Exposed

Customer names, Email addresses, API keys, Audience data

Is your business exposed?

What to Do If You're Affected

1.
Rotate Mailchimp API keys
2.
Audit connected integrations
3.
Review sent email campaigns for tampering

Lessons for Businesses

• Repeated breaches indicate systemic issues
• Social engineering is hard to prevent
• API key security is critical

Sources

https://mailchimp.com/january-2023-security-incident/

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required