So, just how were those MailChimp accounts hacked?

Graham Cluley writes:

As I described yesterday in an article on the We Live Security blog, some MailChimp customers had their accounts hijacked, with the end result that their newsletter subscribers received a malicious email.


[…]A security researcher, who chooses to remain anonymous, contacted me telling me that he had a database of over 2,000 MailChimp usernames and passwords. The data was not sourced via a breach at MailChimp itself, but was a small part of a much larger data haul collected by the Vawtrak password-stealing trojan.


About the author: Dissent

Comments are closed.