The ransomware group Everest claimed to have stolen 767 MB of sensitive data from email marketing giant Mailchimp. The stolen data includes 943,536 lines of internal company documents, which the group threatened to leak if Mailchimp did not pay a ransom. Despite the claim, the cybersecurity community mocked the size of the data leak, deeming it relatively small for a company of Mailchimp's size. The incident highlights the risks associated with ransomware attacks and the potential exposure of sensitive information.
TPRM report: https://scoringcyber.rankiteo.com/company/intuitmailchimp
"id": "int835080125",
"linkid": "intuitmailchimp",
"type": "Ransomware",
"date": "8/2025",
"severity": "100",
"impact": "",
"explanation": "Attack with significant impact with customers data leaks: Attack which causes leak of personal information of customers ( only if no ransomware )"{'affected_entities': [{'industry': 'Email Marketing',
'name': 'Mailchimp',
'size': '14 million active users',
'type': 'Company'}],
'attack_vector': 'Data exfiltration',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '943,536 lines',
'sensitivity_of_data': 'Sensitive',
'type_of_data_compromised': 'Internal company documents'},
'description': 'Russian ransomware gang Everest claims to have stolen 767 MB '
'of sensitive data from email marketing giant Mailchimp and '
'threatened to release it if the ransom is not paid.',
'impact': {'brand_reputation_impact': 'Mockery from the cybersecurity '
'community',
'data_compromised': 'Internal company documents'},
'motivation': 'Financial gain',
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Everest'},
'references': [{'source': 'vx-underground'}],
'threat_actor': 'Everest',
'title': 'Ransomware operators Everest adds Mailchimp to their data leak site',
'type': 'Ransomware'}