Mailchimp experienced a phishing attack resulting in a data breach that compromised nearly 16,000 records of current and former mailing list subscribers. The attack, targeted at Have I Been Pwned administrator Troy Hunt, was executed through a malicious email that redirected to a phishing site, which captured Hunt's credentials. Despite the use of two-factor authentication, the automated nature of the attack allowed for rapid data extraction. Cloudflare has since taken down the phishing site, while the extent of data retention by Mailchimp from unsubscribed users remains unclear.
Source: https://www.scworld.com/brief/mailchimp-phishing-exposes-have-i-been-pwned-subscribers
"id": "int814032625",
"linkid": "intuitmailchimp",
"type": "Breach",
"date": "3/2025",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"