Hackers have stolen data from more than 100 clients of email marketing giant Mailchimp after they broke into its services, using the data to mount phishing attacks on the users of cryptocurrency platforms.
Trezor hardware cryptocurrency wallet, a user of Mailchimp, tweeted that they have been targeted by sophisticated phishing emails.
“MailChimp have confirmed that their service has been compromised by an insider targeting crypto companies,” said Trezor.
“We have managed to take the phishing domain offline. We are trying to determine how many email addresses have been affected,” it posted, adding they will not be communicating by newsletter until the situation is resolved.
The Mailchimp security team disclosed that a malicious actor accessed an internal tool used by customer-facing teams for customer support and account administration.
The bad actor gained access to this tool as a result of a successful social engineering attack on Mailchimp employees.
“This attack is exceptional in its sophistication and was clearly planned to a high level of detail. The phishing application is a cloned version of Trezor Suite with very realistic functionality, and also included a web version of the app,” said the cryptocurrency wallet.
In a statement to The Verge, Mailchimp CISO Siobhan Smyth said that the company had become aware of the breach on March 26 when it detected unauthorised access of a tool used by the company’s customer support and account administration teams.
“The hackers were still able to view around 300 Mailchimp user accounts and obtain audience data from 102 of them,” Smyth said.
“We sincerely apologise to our users for this incident and realise that it brings inconvenience and raises questions for our users and their customers,” Smyth added.