MailChimp fell victim to a social engineering attack that threat actors successfully performed on the company`s employees and contractors.
Hackers managed to obtain employee credentials and gained access to an internal customer support and account administration tool which affected the data of 133 customers.
The information obtained by hackers only includes names, store URLs, addresses, and email addresses, which are still enough for threat actors to launch phishing attacks.
Source: https://heimdalsecurity.com/blog/mailchimp-data-breach-social-engineering/
"id": "INT20719123",
"linkid": "intuitmailchimp",
"type": "Breach",
"date": "01/2023",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"