More than 100 high-value Mailchimp customers in the cryptocurrency
and finance industries had their data exfiltrated as a result of a breach on one of the email marketing firm's internal tools, The Register reports.
Hardware cryptocurrency wallet vendor Trezor issued a warning on Sunday regarding a phishing campaign that has been spreading malware in an effort to harvest information from cryptocurrency wallet owners and later said that scam-related domain addresses have been disabled as Mailchimp said that an insider has compromised its service. Attackers have been suspected of targeted Mailchimp to exfiltrate email addresses of those who are part of Trezor's Mailchimp-managed mailing list, with 319 Mailchimp accounts being accessed and 102 having their "audience data" stolen. "The incident was propagated by an external actor who conducted a successful social engineering attack on Mailchimp employees, resulting in employee credentials being compromised," said Mailchimp Chief Information Security Officer Siobhan Smyth. Mailchimp has already disabled API keys and set necessary protections in place while notifying impacted users.