Solana Foundation warns about security incident with Mailchimp

Published at: Jan. 14, 2023

Solana Foundation, the non-profit organization of the Solana Network, disclosed on Jan. 14 a security incident involving its email service provider Mailchimp. 

According to an email sent to users and seen by Cointelegraph, the Foundation was informed by Mailchimp on Jan. 12 that "an unauthorized actor accessed and exported certain user data from the Solana Foundation’s Mailchimp instance."

Among the information accessed and exported in the incident were user's names and Telegram usernames. The Solana Foundation stated:

"Based on the information we have received from Mailchimp, the affected information may have included, inter alia, email addresses, names, and Telegram usernames, in each case only to the extent users provided any such information. Mailchimp advised that the incident did not affect passwords or credit card information."

The number of users affected by the incident is unclear. There was no official announcement from Solana or Mailchimp regarding the incident at the time of publication. Solana did not immediately respond to Cointelegraph’s request for comment.

Related: 5 sneaky tricks crypto phishing scammers used last year: SlowMist

Few weeks ago, another crypto company had user's emails exposed by third-party providers. As reported by Cointelegraph on Dec. 13, hackers gained access to 5,701,649 lines of information pertaining to customers of crypto exchange Gemini, including email addresses and partial phone numbers.

It is not the first time crypto companies have experienced security issues with Mailchimp. In August 2022, the email marketing platform Mailchimp suspended its services to crypto content creators and platforms associated with crypto news or related services. Users started to experience issues logging into accounts, followed by notices of service interruptions.

At the time, Mailchimp stated that “across the tech industry, malicious actors are increasingly deploying an array of sophisticated phishing and social engineering tactics targeting data and information from crypto-related companies.”

The company also said that "in response to a recent attack targeting Mailchimp’s crypto-related users, we’ve taken proactive measures to temporarily suspend account access for accounts where we detected suspicious activity while we investigate the incident further.”

The Beosin Global Web3 Security Report 2022 revealed 167 major security incidents over 2022, with DeFi projects attacked 113 times, which accounted for approx. 67.6% of recorded attacks, Cointelegraph reported.

Tags
Business
Hacks
Hackers
Solana
Cybersecurity
Related Posts
Hotbit crypto exchange shuts down for maintenance after attempted hack
Cryptocurrency exchange platform Hotbit has shut down all of its services after an attempted cyberattack on Thursday. “Hotbit just suffered a serious cyber-attack starting around 08:00 PM UTC, April 29, 2021, which led to the paralyzation of a number of some basic services,” a notice on the platform’s website reads. The hackers were reportedly unsuccessful in gaining access to Hotbit’s wallets but did manage to compromise the platform’s user database. Thus, the Hotbit team has advised customers to disregard any communication from entities claiming to be representatives of the exchange. With all normal operations currently paused during the ongoing maintenance, …
Business / April 30, 2021
Crypto app targeting SharkBot malware resurfaces on Google app store
A newly upgraded version of a banking and crypto app targeting malware has recently resurfaced on the Google Play store, now with the capability to steal cookies from account logins and bypass fingerprint or authentication requirements. A warning about the new version of the malware was shared by malware analyst Alberto Segura and treat intelligence analyst Mike Stokkel on Twitter accounts on Sept. 2, sharing their co-authored article on Fox IT’s blog. We discovered a new version of #SharkbotDropper in Google Play used to download and install #Sharkbot! The found droppers were used in a campaign targeting UK and IT! …
Blockchain / Sept. 5, 2022
Bitcoin mining pool BTC.com reports $3M cyberattack
Major cryptocurrency mining pool BTC.com has suffered a cyberattack resulting in a significant loss of funds by the company and its customers. BTC.com experienced a cyberattack on Dec. 3, with attackers stealing around $700,000 in client assets and $2.3 million in the company’s assets, the mining pool’s parent firm BIT Mining Limited officially announced on Dec. 26. BIT Mining and BTC.com reported the cyberattack to law enforcement authorities in Shenzhen, China. The local authorities subsequently launched an investigation into the incident, starting collecting evidence and requesting assistance from relevant agencies in China. The local coordination has already helped BTC.com recover …
Bitcoin / Dec. 26, 2022
Coinbase discloses recent cyberattack targeting employees
Crypto exchange Coinbase experienced a cybersecurity attack targeting its employees on Feb. 5. The attack came through SMS scams and involved impersonations of IT staff, according to a recent report from the company's engineering team. No customers' funds or information were impacted, the firm said. As per the report, on a late Sunday several Coinbase employees received SMS messages requiring them to urgently log in via the link provided to access an important message. Acting in a good faith, one employee followed the exploiter' instructions: "While the majority ignore this unprompted message - one employee, believing that it’s an important …
Technology / Feb. 22, 2023
Top 7 cybersecurity jobs in high demand
In today’s digital age, cybersecurity has become a critical aspect of almost every business. Cyber threats are increasing daily, and businesses must take proactive measures to protect their networks and data. As a result, the demand for cybersecurity professionals has skyrocketed. Little Friday humour #meme #cybersecurity @hackurityio pic.twitter.com/MArEpCh03k — Harold De Vries (@devries_harold) February 17, 2023 In this article, we will discuss the top seven cybersecurity jobs that are in high demand. Cybersecurity analyst A cybersecurity analyst is responsible for identifying and mitigating cyber threats to an organization’s network and data. They examine system logs and network traffic to find …
Technology / Feb. 26, 2023