Mailchimp Social Engineering Hack 11 January, 2023

         

engine

12:12 pm on Jan 19, 2023 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



Mailchimp has said an attacker used social engineering to compromise employees and contractors, and gain access to 133 accounts. Clearly, the weak point appears to be human and not systems.

Mailchimp said the hacker targeted its employees and contractors with a social engineering attack, in which someone uses manipulation techniques by phone, email or text to gain private information, like passwords. The hacker then used those compromised employee passwords to gain access to data on 133 Mailchimp accounts, which the company notified of the intrusion.


[techcrunch.com...]

tangor

2:39 am on Jan 20, 2023 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



One can fix most anything, except the human!

Only reason the phishers are still in business: humans!

Sgt_Kickaxe

2:57 am on Jan 20, 2023 (gmt 0)



One can fix most anything, except the human!

Lol, no matter how much you spend to protect humans, they keep doing things that make them vulnerable AND expecting nothing bad to happen. You know, like relying on 3rd parties to do everything or building houses on fault lines. [en.wikipedia.org...]

It's not the users' fault, but the users knew the risks and took them. Mailchimp wasn't just hacked, they were hacked AGAIN.

engine

9:19 am on Jan 20, 2023 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



The potential for email spam from this could be massive.

I'm not surprised by a human failing, but, yes, I'm surprised by the fact it's the second time it's happened.

tangor

1:40 am on Jan 21, 2023 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Not that surprising. Personnel change all the time, newbies and oldsters alike are prey for these sophisticated attacks. History shows there are more than a few tech companies that have been hit multiple times over the last 20 years. That said, protecting AGAINST this kind of attack requires companies/people to be constantly alert, trained, and cautioned regarding this attack vector.

Truthfully? I'm grateful there are not MORE of these episodes than have been reported!

nickZ

12:38 pm on Jan 21, 2023 (gmt 0)



and let's not forget the grumpy ex-employee wishing to get even.

Sgt_Kickaxe

1:20 pm on Jan 21, 2023 (gmt 0)



or the competition funding someone just to shake your trust.

Jonesy

5:11 pm on Jan 22, 2023 (gmt 0)

10+ Year Member Top Contributors Of The Month



Truthfully? I'm grateful there are not MORE of these episodes than have been reported!
Cynically: I believe there are a lot MORE of these episodes than have been UNreported!

tangor

8:04 pm on Jan 22, 2023 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I believe there are a lot MORE of these episodes than have been UNreported!


Like insect pests, if you see one there are 1,000 more unseen in the walls!