August 17, 2022

DigitalOcean customer info affected due to Mailchimp hack

A recent hacker attack targeting crypto-related users of Mailchimp has ended up affecting users of cloud infrastructure provider DigitalOcean, the firm reported on Aug 15.

Mailchimp is an email marketing automation platform, which DigitalOcean uses – or did use, until this incident – to deliver “email confirmations, password resets, email-based alerts for product health, and dozens of other transactional emails” to its users.

Tyler Healy, VP Security at DigitalOcean, commented on the incident:

“On August 8th, DigitalOcean discovered that our Mailchimp account had been compromised as part of what we suspect to be a wider Mailchimp security incident that affected their customers, targeted at crypto and blockchain. From that Mailchimp incident, we suspect certain DigitalOcean customer email addresses may have been exposed.”

The investigation found that DigitalOcean’s Mailchimp account had been compromised, and that the compromised account provided the attacker with email addresses of DigitalOcean customers, allowing them to initiate malicious password resets against a “limited set” of accounts.

The customer accounts that were targeted have been secured, and their owners have been contacted directly.

The other day, CS.MONEY, one of the largest platforms for trading CS:GO skins, took its website offline after a hacker attack allowed threat actors to loot 20,000 items worth nearly $6,000,000.