The email marketing company Mailchimp said on Monday its network was breached following a social engineering attack.
The intruder viewed about 300 Mailchimp accounts and audience data was exported from 102 of them, it said said in a statement.
Mailchimp software is used by publishers and companies to compose newsletters and send promotional messages to customers. It is regarded by many marketers as a world-leader in respect of GDPR, POPIA and other privacy compliance regulations, so the attack is a blow to its reputation.
The attack on Mailchimp is another warning to all persons using software and cloud solutions to provide services, to focus energies and resources on data and cyber protection.
The rise in data breaches and other forms of malicious cyberattacks have dramatically risen, despite the increase of data protection legislation and regulations worldwide.
While we expect Mailchimp and many other breached entities have done what is necessary to comply with their governing legislation and regulations, with regards to their security safeguards, it seems this is not enough.
Governmental and state police services will need to gear up their cybercrimes units to ensure we can catch the culprits and prosecute them. Without this step up in governmental resources, the cyber arena will remain open to attacks with the culprits getting away with their crimes.
