MailChimp, an American marketing automation platform and email marketing service, was breached for the second time this year. The first breach was disclosed in April, when MailChimp revealed that an attacker had gained control of the company’s internal tooling as a result of a phishing attack against an employee. The attacker then used these tools to breach clients with cryptocurrency ties. In the latest breach, MailChimp’s internal tooling was again compromised and used to target MailChimp clients tied to cryptocurrency. DigitalOcean’s MailChimp account was also compromised.
DigitalOcean uses its account to perform password resets, send email confirmations, and send alerts to customers. As a result of this account being compromised, the email addresses of numerous DigitalOcean clients were exposed, allowing the attackers to perform password resets on their accounts. DigitalOcean has since cut ties with MailChimp as a result of this breach. MailChimp has indicated that any additional accounts involved in the attack have since been locked and that additional security measures have been put in place.