Mailchimp Data Breach
Cyber attacks are common nowadays; the following is one such incident.
Over the preceding 12 months, Mailchimp experienced three data breaches, all of which began with phishing or social engineering of its staff rather than with a software vulnerability. In the most recent incident, discovered on January 11, 2023, an unauthorised actor gained access to one of the internal tools that Mailchimp's customer-facing teams use for customer support and account administration; the breach was widely reported on January 18, 2023. Mailchimp stated that no networks belonging to its parent company, Intuit, were compromised in either that incident or the earlier ones. In the second breach, in August 2022, data from 214 Mailchimp accounts was taken, most of them belonging to cryptocurrency and finance businesses.
Root Cause Analysis:
All of the Mailchimp breaches were caused by social engineering or phishing of Mailchimp staff. In the most recent incident an unauthorised party gained access to one of the tools used by Mailchimp's customer-facing teams. In a separate breach, attackers gained access to an internal customer support and account management tool. In an earlier breach, on April 20, 2022, attackers compromised an internal business tool and used it to access customer data. The common pattern is worth stating plainly: in each case the attacker did not exploit a flaw in Mailchimp's software, but obtained a staff member's access to a privileged internal tool, so the subsequent data access came from a legitimate account and had to be distinguished from normal support work.
Detection:
Mailchimp detected the most recent breach on January 11, 2023; the exact time of detection was not published. For the earlier incident of April 20, 2022, Mailchimp stated that it discovered the compromise and immediately took steps to stop further unauthorised access. In the second breach, on August 16, 2022, Mailchimp suspended the accounts on which suspicious behaviour was found while its investigation was under way.
Response on the Data Breach:
Mailchimp notified the affected customers of the breach and suspended access to the targeted accounts. Several of those customers have in turn notified their own users: following the January 2023 Mailchimp breach, businesses including WooCommerce, FanDuel, Yuga Labs, and the Solana Foundation issued notifications to their customers.
Best Practices:
- Mailchimp has implemented a number of preventative measures to safeguard its customers' data. Its databases are kept separate to avoid corruption and duplication.
- The company has multiple layers of logic, DDoS mitigation, and a written infrastructure continuity plan covering the loss of a data center, up to and including a nuclear strike.
- Mailchimp employees receive ongoing security training, including how to recognise social engineering attempts and phishing emails. Given that all three breaches nonetheless began with successful phishing of staff, training cannot be the only control; access to internal tools also needs strong (ideally phishing-resistant) authentication and monitoring.
- All employees with access to customer data undergo criminal-record and credit checks before starting work. Mailchimp also monitors account behaviour and campaign activity for signs of abuse.
- The company uses scalable algorithms together with human reviewers to watch for suspicious account and email activity.
- Mailchimp customers can enable two-factor authentication (2FA), and accounts with 2FA enabled receive a discount. Note that customer-side 2FA would not have prevented these breaches, since the attackers used Mailchimp's internal tools rather than customer logins; it still protects against the follow-on phishing that targets customers after such an incident.
- Mailchimp has published account-security best practices to help users keep their accounts safe.
- Mailchimp also advises following data-protection best practices, particularly if your business handles customers' personal data, and provides tooling that simplifies GDPR-compliant collection of data from customers.
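The monitoring described above (watching account behaviour for signs of abuse) can be expressed as a simple rule over the audit log of the internal support tool, which is where all three breaches did their damage: one staff identity touching an unusual number of customer accounts, and exporting audience data, within a short window. The following is an added example written for this article; it is not Mailchimp's code, and the log format, agent names and thresholds are constructed assumptions.

```python
"""Sliding-window detector for the abuse pattern behind the Mailchimp breaches:
one staff identity in an internal support tool touching many customer accounts
and exporting audience data in a short time.

The audit-log format, thresholds and agent names are constructed for this
example; they are not Mailchimp's.
"""
from collections import defaultdict
from datetime import datetime, timedelta
from typing import List, NamedTuple


class Event(NamedTuple):
    ts: datetime
    actor: str      # staff identity in the support tool
    action: str     # view_account | export_audience
    account: str    # customer account being touched


# Constructed sample audit log (not real Mailchimp data).
# support-agent-17: burst of 7 accounts and 3 audience exports in ~7 minutes.
# support-agent-04: ordinary support session, two accounts, one export.
# support-agent-09: six accounts, but spread 20 minutes apart.
SAMPLE_LOG = """\
2023-01-11T09:02:10Z actor=support-agent-17 action=view_account account=acct-1001
2023-01-11T09:03:44Z actor=support-agent-17 action=view_account account=acct-1002
2023-01-11T09:05:01Z actor=support-agent-17 action=export_audience account=acct-1002
2023-01-11T09:05:30Z actor=support-agent-17 action=view_account account=acct-1003
2023-01-11T09:06:12Z actor=support-agent-17 action=view_account account=acct-1004
2023-01-11T09:06:50Z actor=support-agent-17 action=export_audience account=acct-1004
2023-01-11T09:07:33Z actor=support-agent-17 action=view_account account=acct-1005
2023-01-11T09:08:05Z actor=support-agent-17 action=view_account account=acct-1006
2023-01-11T09:08:40Z actor=support-agent-17 action=export_audience account=acct-1006
2023-01-11T09:09:20Z actor=support-agent-17 action=view_account account=acct-1007
2023-01-11T10:00:00Z actor=support-agent-04 action=view_account account=acct-2001
2023-01-11T10:05:00Z actor=support-agent-04 action=export_audience account=acct-2001
2023-01-11T10:40:00Z actor=support-agent-04 action=view_account account=acct-2002
2023-01-11T11:00:00Z actor=support-agent-09 action=view_account account=acct-3001
2023-01-11T11:20:00Z actor=support-agent-09 action=view_account account=acct-3002
2023-01-11T11:40:00Z actor=support-agent-09 action=view_account account=acct-3003
2023-01-11T12:00:00Z actor=support-agent-09 action=view_account account=acct-3004
2023-01-11T12:20:00Z actor=support-agent-09 action=view_account account=acct-3005
2023-01-11T12:40:00Z actor=support-agent-09 action=view_account account=acct-3006
"""


def parse_events(text: str) -> List[Event]:
    """Parse 'TIMESTAMP key=value ...' lines into Event tuples; blank lines are skipped."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts_str, *pairs = line.split()
        fields = dict(p.split("=", 1) for p in pairs)
        events.append(Event(
            ts=datetime.strptime(ts_str, "%Y-%m-%dT%H:%M:%SZ"),
            actor=fields["actor"],
            action=fields["action"],
            account=fields["account"],
        ))
    return events


def find_suspicious_actors(events, window=timedelta(minutes=15),
                           max_accounts=5, max_exports=2):
    """Return one alert per actor whose peak activity inside any `window`
    exceeds a threshold: more than `max_accounts` distinct accounts touched,
    or audience exports from more than `max_exports` distinct accounts."""
    by_actor = defaultdict(list)
    for ev in events:
        by_actor[ev.actor].append(ev)

    alerts = []
    for actor, evs in sorted(by_actor.items()):
        evs.sort(key=lambda e: e.ts)
        peak_accounts = peak_exports = 0
        start = 0
        for end, ev in enumerate(evs):
            # Advance the window start so that evs[start:end+1] spans at most `window`.
            while ev.ts - evs[start].ts > window:
                start += 1
            win = evs[start:end + 1]
            peak_accounts = max(peak_accounts, len({e.account for e in win}))
            peak_exports = max(peak_exports, len(
                {e.account for e in win if e.action == "export_audience"}))
        reasons = []
        if peak_accounts > max_accounts:
            reasons.append(f"{peak_accounts} distinct accounts within {window}")
        if peak_exports > max_exports:
            reasons.append(f"audience exports from {peak_exports} accounts within {window}")
        if reasons:
            alerts.append({"actor": actor, "peak_accounts": peak_accounts,
                           "peak_exports": peak_exports, "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for alert in find_suspicious_actors(parse_events(SAMPLE_LOG)):
        print(alert["actor"], "->", "; ".join(alert["reasons"]))
```

With the default 15-minute window only support-agent-17 is flagged; support-agent-09 touches the same number of accounts as a busy agent would over a shift, and is only flagged if the window is widened to cover its whole session. Tuning that window against real support workloads is the part a human reviewer still has to do, which is the role the "scalable algorithms and human reviewers" wording above describes.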
Recommendation:
- Mailchimp, which states that it takes data security and privacy seriously, has put in place multiple layers of logic to guard against data loss and corruption.
- It also routinely assesses the effectiveness of its security measures and investigates any potential data breach or cyber attack.
- To protect your account and your customers' data, Mailchimp advises following data-protection laws and best practices. It also runs an automated abuse-prevention system that monitors content created in Mailchimp and tracks campaign performance in order to spot suspicious behaviour.