Email marketing firm Klaviyo suffered a data breach in August 2022 when hackers gained access to internal systems using an employee's credentials stolen in a phishing attack.
The threat actors downloaded marketing lists for cryptocurrency-related customers, including names, addresses, emails, and phone numbers.
They also used internal customer support tools to search for primarily crypto-related accounts and viewed list and segment information for 44 Klaviyo accounts.
Klaviyo immediately notified law enforcement and engaged a third-party cybersecurity firm to investigate the breach of its network.
TPRM report: https://scoringcyber.rankiteo.com/company/klaviyo
"id": "kla2019281022",
"linkid": "klaviyo",
"type": "Breach",
"date": "08/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Technology',
                        'name': 'Klaviyo',
                        'type': 'Email Marketing Firm'}],
 'attack_vector': 'Phishing',
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': ['Personal Information'],
                 'type_of_data_compromised': ['Names',
                                              'Addresses',
                                              'Emails',
                                              'Phone Numbers']},
 'date_detected': '2022-08',
 'description': 'Email marketing firm Klaviyo suffered a data breach in August '
                '2022 after hackers gained access to internal systems after '
                "stealing an employee's credentials via a phishing attack. The "
                'threat actors downloaded marketing lists for '
                'cryptocurrency-related customers including names, addresses, '
                'emails, and phone numbers. They also used internal customer '
                'support tools to search for primarily crypto-related accounts '
                'and viewed list and segment information for 44 Klaviyo '
                'accounts.',
 'impact': {'data_compromised': ['Names',
                                 'Addresses',
                                 'Emails',
                                 'Phone Numbers'],
            'systems_affected': ['Internal Systems', 'Customer Support Tools']},
 'initial_access_broker': {'entry_point': 'Phishing Attack'},
 'investigation_status': 'Investigation Ongoing',
 'post_incident_analysis': {'root_causes': 'Stolen Employee Credentials'},
 'references': [{'date_accessed': '2022-08',
                 'source': 'Cyber Incident Description'}],
 'response': {'law_enforcement_notified': True,
              'third_party_assistance': ['Third-party Cybersecurity Firm']},
 'title': 'Klaviyo Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Stolen Employee Credentials'}