Email marketing firm hacked to steal crypto-focused mailing lists

Email marketing firm Klaviyo disclosed a data breach after threat actors gained access to internal systems and downloaded marketing lists for cryptocurrency-related customers.

Klaviyo said the data breach occurred on Aug 3 after threat actors stole an employee's login credentials in a phishing attack. These login credentials were then used to access the employee's account and internal Klaviyo support tools.

Using the internal tools, the threat actors downloaded marketing lists for thirty-eight customers who are in the cryptocurrency industry.

The security notification from Klavyio says:

The threat actor used the internal customer support tools to search for primarily crypto related accounts and viewed list and segment information for 44 Klaviyo accounts. For 38 of these accounts, the threat actor downloaded list or segment information.

The information downloaded contained names, email addresses, phone numbers, and some account specific custom profile properties for profiles in those lists or segments.

As the data security incident only happened last week, for the immediate future, this data will likely be used privately by the hackers or traded/sold with other threat actors. It would not be surprising to find this data eventually leaked for free on hacking forums.

The other day, an Anonymous source leaked around 4TB of proprietary data belonging to Israeli digital intelligence firm, Cellebrite.