MailChimp Announces Data Breach Affecting Tiny Number of Customers – With Big Ripples

  • By Steven
  • Jan 26, 2023

mailchimp data breach

MailChimp has been hacked repeatedly over the years; there is very little surprise in the breach, though one thing should be considered. Only 133 Mailchimp customers were affected, correct? However, each of these customers is a business. Some of these businesses, like WooCommerce and FanDuel, have millions of users and can detrimentally affect not only the businesses but their customers as well. 

How Did the Attack Occur?

The attack occurred when an unknown party launched a social engineering attack. Social engineering attacks are psychologically-based attacks that manipulate someone to perform a task or divulge information. These attacks are often carried out as phishing attacks, which is why they are so often successful. 

What Information Was Viewed or Stolen?

The accessed information likely varied based on the target company. WooCommerce was one of the targeted companies, admitting that its customers’ names, emails, and store web addresses may have been affected. This was told to WooCommerce by MailChimp. As of January 2023, 6.3 million websites use WooCommerce, and 68,000 of the world’s top million websites use the service within that bracket.

How Did MailChimp Admit to the Breach?

MailChimp admitted to the breach by sending notices to each customer account’s primary contacts. There is also a notice posted on the company’s website explaining how the breach happened and what steps it took to prevent or hinder another breach. “We know that incidents like this can cause uncertainty, and we’re deeply sorry for any frustration,” said the notice. “We are continuing our investigation and will be providing impacted account holders with timely and accurate information throughout the process.”

What Will Become of the Stolen Information?

We should take a look at the numbers;

  • As of 2009, FanDuel had over 6 million users and has only grown since.
  • WooCommerce also has about 6 million users (at the time of writing).
  • The Solana Foundation, which is dedicated to Solana, was also a part of the breach. Solana had over 11.5 million active users as of November 16, 2022.
  • Yuga Labs, an NFT provider, has only 70 employees but has put out 200,000 NFTs.

So, not including the other 129 businesses affected, there are already more than 23.8 million people at risk. Yes, the majority of that risk is likely phishing attacks and attempts, but these can still be detrimental. 70% of phishing emails are opened, and 90% of company breaches start with phishing attacks.

What Should Affected Parties Do in the Aftermath of the Breach?

After any breach, let alone one this big, you should always change your password. You should also stay on the lookout for any phishing attacks or attempts that come your way. If you were involved in the breach, the company you are affiliated with would notify you. Another smart idea would be to file a police report. Police reports are often overlooked by victims, thus resulting in more issues down the road.

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “A ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Clients’ Bank Data Exposed in Blackbaud Ransomware Attack

Blackbaud software was victim to a ransomware attack last May, and new information suggests that c ... Read More

Latest Articles

Family Dollar & Dollar Tree Bleed Consumer Data Following Cyberattack

Family Dollar & Dollar Tree Bleed Consumer Data Following Cyberattack

In 2015, Family Dollar acquired its biggest competitor, Dollar Tree. Family Dollar is one-half of a consumer's dream; they offer low-priced goods for families in 8,200 locations nationwide.

Weekly Cybersecurity Recap December 1

Weekly Cybersecurity Recap December 1

This week, cybercriminals targeted health lifestyle members, patients, gamblers, and general consumers. Early on, Welltok returned to the news, this time with over 426k member data stolen by assailants; the organizations impacted by the breach were Premier Health and Graphic Packaging International.

Caesars Entertainment Breach Update, Millions of Gambler Records Compromised

Caesars Entertainment Breach Update, Millions of Gambler Records Compromised

Caesars Entertainment (CE) oversees 58 gaming properties across the continental states. Their locations include world destinations, nightlife activities, a comprehensive concierge, and an industry-leading approach to draw millions of gamblers weekly.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an age
Please enter an email address