Marketing automation company Mailchimp has reported that it has been the victim of a social engineering attack-related data breach. that enabled threat actors to access an internal support and account admin tool to obtain information about 133 customers.
“The unauthorized actor conducted a social engineering attack on Mailchimp employees and contractors, and obtained access to select Mailchimp accounts using employee credentials compromised in that attack,” the Intuit-owned company said in a disclosure.
Mailchimp identified the lapse on January 11, 2023, and noted that there is no evidence the unauthorized party breached Intuit systems or other customer information beyond the 133 accounts. And all those affected accounts were notified within 24 hours. however, did not reveal the duration for which the intruder remained on its systems.
The marketing automation company has been the victim of its second hack within 12 months.
The objective of social engineering attack is to influence, manipulate or trick users into releasing sensitive information or access within an organization.
Found this article interesting? Follow HackersIdentity on Facebook, Twitter and LinkedIn to read more exclusive content we post.
Users Today : 0