Bitcoin Forum

Other => Beginners & Help => Topic started by: Dave1 on January 19, 2023, 12:23:09 AM



Title: Mailchimp hacked again, 133 accounts have been compromised
Post by: Dave1 on January 19, 2023, 12:23:09 AM
https://talkimg.com/images/2023/11/18/FzUVo.png

https://mailchimp.com/january-2023-security-incident/

Oh snap, it's just the start of the year and we just had another Mailchimp hack (for the nth time). Not really sure how their security is, or how their contractors' and employees' security hygiene is, but their job is very sensitive and it's client-facing, so we really don't understand how many times they will be hacked before they learn from these mistakes.

The report says 133 Mailchimp accounts have been breached, so that is a lot.

One confirmed victim is WooCommerce -> https://twitter.com/Arm_i_n/status/1615719010921844737/photo/1

Here is the previous hack: Mailchimp was hacked again, exposing DigitalOcean customer's email (https://bitcointalk.org/index.php?topic=5410197.0).

Again, 133 accounts, and most probably there are some crypto-related accounts included in that list, and maybe in the next couple of months we will see an increase in phishing attacks.


Title: Re: Mailchimp hacked again, 133 accounts have been compromised
Post by: Vyeon11 on January 19, 2023, 01:08:00 AM
And it has the potential to lead to theft of crypto wallets; things like that need to be dealt with as soon as possible, especially if the hacker is using their internal tools.
Hopefully that won't happen, because if it does it will cause problems that affect customer trust, and of course the Mailchimp site will also be distrusted.


Title: Re: Mailchimp hacked again, 133 accounts have been compromised
Post by: OcTradism on January 19, 2023, 03:36:10 AM
These hacks of service providers are dangerous for people or companies that use a single main email for all registrations on multiple platforms.

To decentralize risk and reduce the risk from such hacks and data leaks, we should use different emails for different purposes. Main emails for registrations on the biggest platforms. Sub-emails for registrations on new platforms if we want to explore them. Special emails for financial things if necessary.

I know that in practice many people use only one email for many registrations on many platforms, including newborn platforms whose security has yet to be verified.

[Guide] How to know if your email address was part of any data breach. (https://bitcointalk.org/index.php?topic=5201569.0)
https://haveibeenpwned.com/


Title: Re: Mailchimp hacked again, 133 accounts have been compromised
Post by: DdmrDdmr on January 19, 2023, 09:55:46 AM
Social engineering to obtain credentials should not be enough, if a company knows how to step up its security measures. They can at least resort to authorizing a restricted set of IPs to access the internal systems remotely, as well as 2FA for employees. Though the technical details have not been provided, nor will we likely see them, it does seem like quite a bit more can be done. They could even monitor in real time who accesses what, and set up alerts if a certain user's access starts to show abnormal activity (e.g. multiple or mass customer data downloads, and so forth).

The only nominally known client (company) affected so far, WooCommerce, is no minor fish (https://barn2.com/blog/woocommerce-stats/), and could potentially hold millions of records for all the customers and related end-customers that have a relation to the ecommerce platforms running on their software. There is no current indication of the number of downloaded records, nor of their exact nature (likely along the same lines as last time), data which I hope to see around at some point.
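A minimal version of the monitoring DdmrDdmr describes, written here as an added example (not Mailchimp's or any vendor's real tooling): it walks a constructed internal access log, flags access from outside an IP allowlist, and alerts when a user's contact exports within a 10-minute window exceed a count or record-volume threshold. The log format, the allowlisted networks and the thresholds are all assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Constructed sample log (assumed format: timestamp user source_ip action record_count).
SAMPLE_LOG = """\
2023-01-15T20:01:02Z alice 203.0.113.10 export_contacts 120
2023-01-15T20:02:30Z alice 203.0.113.10 export_contacts 95
2023-01-15T20:03:11Z bob 198.51.100.7 view_contact 1
2023-01-15T20:04:45Z alice 203.0.113.10 export_contacts 4000
2023-01-15T20:05:20Z alice 203.0.113.10 export_contacts 3500
2023-01-15T20:40:00Z carol 192.0.2.5 export_contacts 50
"""

# Assumed policy: remote access only from these networks (documentation ranges).
ALLOWED_NETS = [ip_network("203.0.113.0/24"), ip_network("198.51.100.0/24")]
WINDOW = timedelta(minutes=10)         # sliding window per user
MAX_EXPORTS_PER_WINDOW = 3             # more exports than this in a window is abnormal
MAX_RECORDS_PER_WINDOW = 5000          # or more records than this in total


def parse_line(line):
    ts, user, ip, action, count = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), user, ip_address(ip), action, int(count)


def detect(log_text):
    """Return a list of (user, alert_type, detail) tuples for the given log text."""
    alerts = []
    history = defaultdict(deque)  # user -> recent (timestamp, record_count) exports
    for line in log_text.splitlines():
        ts, user, ip, action, count = parse_line(line)
        # Control 1: access from an address outside the allowlist is always flagged.
        if not any(ip in net for net in ALLOWED_NETS):
            alerts.append((user, "ip_not_allowlisted", str(ip)))
        if action != "export_contacts":
            continue
        # Control 2: keep only this user's exports inside the window, then test thresholds.
        recent = history[user]
        recent.append((ts, count))
        while recent and ts - recent[0][0] > WINDOW:
            recent.popleft()
        total = sum(c for _, c in recent)
        if len(recent) > MAX_EXPORTS_PER_WINDOW or total > MAX_RECORDS_PER_WINDOW:
            alerts.append((user, "mass_export", total))
    return alerts
```

Running `detect(SAMPLE_LOG)` raises one mass-export alert for alice on her fourth export (7715 records in under ten minutes) and one allowlist alert for carol, while bob's single record view is left alone.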


Title: Re: Mailchimp hacked again, 133 accounts have been compromised
Post by: Baofeng on January 23, 2023, 09:00:39 PM
So we have one account coming forward, which is FanDuel, a sportsbook and betting site, going public and warning their customers about the said breach:

Quote
"Recently, we were informed by a third-party technology vendor that sends transactional emails on behalf of its clients like FanDuel that they had experienced a security breach within their system that impacted several of their clients," reads a FanDuel 'Notice of Third-Party Vendor Security Incident' seen by BleepingComputer.

"On Sunday evening, the vendor confirmed that FanDuel customer names and email addresses were acquired by an unauthorized actor. No customer passwords, financial account information, or other personal information was acquired in this incident."

FanDuel also stressed that this was not a breach of their systems or FanDuel user accounts and that the hackers did not acquire "passwords, financial account information, or other personal information" during the breach.

https://www.bleepingcomputer.com/news/security/fanduels-warns-of-data-breach-after-customer-info-stolen-in-vendor-hack/

Perhaps MailChimp will lose this one customer because of the said breach of their system.

And most likely there will be more customers coming forward and admitting that they are victims of this incident.