MailChimp discloses new breach after employees got hacked


Level 28
Thread author
Honorary Member
Top Poster
Jun 14, 2011
Email marketing firm MailChimp suffered another breach after hackers accessed an internal customer support and account administration tool, allowing the threat actors to access the data of 133 customers.

MailChimp says the attackers gained access to employee credentials after conducting a social engineering attack on Mailchimp employees and contractors. The attack was first detected on January 11th, after MailChimp detected the unauthorized person accessing their support tools. "After we identified evidence of an unauthorized actor, we temporarily suspended account access for Mailchimp accounts where we detected suspicious activity to protect our users’ data," reads a statement about the security incident.

"We notified the primary contacts for all affected accounts on January 12, less than 24 hours after initial discovery."

As first reported by TechCrunch, one of the customers affected by this breach is the massively popular WooCommerce eCommerce plugin for WordPress. WooCommerce has emailed customers warning them that the MailChimp breach exposed their names, store URLs, addresses, and email addresses.


Level 19
Top Poster
Jan 21, 2018
In an article on this on 'The Register' they say "...This is the second data spill in five months and yet the company, bought by Intuit for $12 billion in September 2021, continues to tell customers – with a straight face – that it takes the 'security of users' data seriously'..."

I hope that this doesn't mean that we have a similar stance taken to losing customers' data to that of LastPass!



Staff Member
Malware Hunter
Jul 27, 2015
“Based on our investigation to date, this targeted incident has been limited to 133 Mailchimp accounts. There is no evidence that this compromise affected Intuit systems or customer data beyond these Mailchimp accounts,” the company said in a notice published on its website.
In response to the breach, Mailchimp suspended access for the targeted accounts and notified impacted customers. Some of those customers have started informing their own customers about the incident. One of the first to do so was WooCommerce, the WordPress ecommerce plugin made by Automattic, the company behind

Online gambling service FanDuel has also informed customers that their name and email address may have been compromised.

Limited to 133 accounts. Nice try!

Blockchain and cryptocurrency companies like Solana Foundation and Yuga Labs were also hit. More info here:

