Tanium comments on MailChimp breach

January 2023 by Tim Morris, Chief Security Advisor at Tanium

Email marketing firm Mailchimp suffered another breach after attackers accessed an internal customer support and account administration tool. In a post on the breach, the company says that just 133 accounts were accessed; one of them belongs to e-commerce giant WooCommerce, which has more than five million customers.

Mailchimp says the attackers obtained employee credentials through a social engineering attack on Mailchimp employees and contractors, then used those credentials to access customer accounts.

Last August, Mailchimp said it was the victim of a social engineering attack that compromised credentials of its customer support staff, giving the intruder access to Mailchimp’s internal tools. In that breach, data on some 214 Mailchimp accounts was compromised, mostly cryptocurrency and finance-related accounts.

An earlier attack on Mailchimp in April 2022 also targeted crypto and finance accounts; the attackers gained access to API keys for an undisclosed number of customers. Tim Morris, chief security adviser at Tanium, comments on the attacks:

“At first glance, this appears to be a typical stolen credentials attack. Whether by social engineering (as claimed), credential stuffing, or “spray and pray”, the methods of prevention are the same. Enable strong multi-factor authentication (MFA) for all systems. Strong MFA includes the trifecta of something you:

Know (id/password/secret)
Have (token, key)
Are (biometrics)

This is especially important for administrative staff that have access to an organization’s systems. Training users is also important so that they understand attacker techniques. For example, educating them on how to use MFA correctly and on being alert to MFA fatigue/bombing attacks.”
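The MFA fatigue (push bombing) pattern Morris warns about is also something a security operations team can detect rather than rely on users alone to resist. The following is an added example, not code from Tanium, Mailchimp or the article: it scans constructed authentication log lines for two signals, a burst of push prompts to one user in a short window, and an approval that arrives only after a run of denials. The log format, field names (user, event, src) and threshold values are assumptions for this illustration and would be mapped onto a real identity provider's export.

```python
"""Detect MFA push-bombing ("MFA fatigue") patterns in authentication logs.

Added example, not code from Tanium, Mailchimp or the article. The log
format, field names and threshold values below are assumptions made for
this illustration; map them onto your identity provider's real export.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines (not real data). Assumed format:
#   <ISO timestamp> user=<id> event=<mfa_push_sent|mfa_push_denied|mfa_push_approved> src=<ip>
SAMPLE_LOG = """\
2023-01-12T08:00:01Z user=alice event=mfa_push_sent src=203.0.113.5
2023-01-12T08:00:09Z user=alice event=mfa_push_denied src=203.0.113.5
2023-01-12T08:00:31Z user=alice event=mfa_push_sent src=203.0.113.5
2023-01-12T08:00:40Z user=alice event=mfa_push_denied src=203.0.113.5
2023-01-12T08:01:02Z user=alice event=mfa_push_sent src=203.0.113.5
2023-01-12T08:01:10Z user=alice event=mfa_push_denied src=203.0.113.5
2023-01-12T08:01:35Z user=alice event=mfa_push_sent src=203.0.113.5
2023-01-12T08:01:44Z user=alice event=mfa_push_denied src=203.0.113.5
2023-01-12T08:02:05Z user=alice event=mfa_push_sent src=203.0.113.5
2023-01-12T08:02:20Z user=alice event=mfa_push_approved src=203.0.113.5
2023-01-12T09:15:00Z user=bob event=mfa_push_sent src=198.51.100.7
2023-01-12T09:15:06Z user=bob event=mfa_push_approved src=198.51.100.7
"""

PUSH_BURST_THRESHOLD = 4          # assumed: >=4 pushes inside the window is a burst
PUSH_BURST_WINDOW = timedelta(minutes=5)
PRIOR_DENIALS_FOR_ALERT = 3       # assumed: approval after >=3 denials is suspicious


def parse_line(line):
    """Parse one log line into (timestamp, user, event, src)."""
    ts_str, *kv = line.split()
    fields = dict(pair.split("=", 1) for pair in kv)
    ts = datetime.strptime(ts_str, "%Y-%m-%dT%H:%M:%SZ")
    return ts, fields["user"], fields["event"], fields["src"]


def detect_push_fatigue(log_text):
    """Return a list of alert dicts for push-bombing patterns.

    Two signals are raised per user:
      * "push_burst": PUSH_BURST_THRESHOLD or more push prompts sent inside
        PUSH_BURST_WINDOW (the bombardment itself), reported once per user.
      * "approval_after_denials": an approval preceded by
        PRIOR_DENIALS_FOR_ALERT or more denials since the last approval
        (the user finally giving in, which is what the attacker waits for).
    """
    sent_times = defaultdict(deque)    # user -> timestamps of pushes sent in window
    denials = defaultdict(int)         # user -> denials since last approval
    alerts = []
    burst_reported = set()

    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, user, event, src = parse_line(line)

        if event == "mfa_push_sent":
            q = sent_times[user]
            q.append(ts)
            while q and ts - q[0] > PUSH_BURST_WINDOW:   # drop pushes outside the window
                q.popleft()
            if len(q) >= PUSH_BURST_THRESHOLD and user not in burst_reported:
                burst_reported.add(user)
                alerts.append({"user": user, "signal": "push_burst",
                               "count": len(q), "at": ts.isoformat(), "src": src})
        elif event == "mfa_push_denied":
            denials[user] += 1
        elif event == "mfa_push_approved":
            if denials[user] >= PRIOR_DENIALS_FOR_ALERT:
                alerts.append({"user": user, "signal": "approval_after_denials",
                               "count": denials[user], "at": ts.isoformat(), "src": src})
            denials[user] = 0          # an approval resets the denial streak
    return alerts


if __name__ == "__main__":
    for alert in detect_push_fatigue(SAMPLE_LOG):
        print(alert)
```

On the constructed input this raises two alerts for alice (a burst of four prompts by 08:01:35, then an approval after four denials) and none for bob, whose single prompt was approved immediately. The second signal is the more actionable one: an approval that follows a streak of denials is the moment a fatigued user may have handed over a session, and is a reasonable trigger for session revocation and a call to the user.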
