Over 100 MailChimp client accounts were exposed in a massive breach, with hackers focusing especially on those of crypto holders.
At the end of March, MailChimp became aware of a hack that exposed audience data from 102 of their clients, including Trezor.
In Trezor’s case, the hackers got their email addresses and messaged them to say their accounts were compromised and they should follow a specific link to set up a new pin.
Only the link was part of a phishing campaign with the goal of getting their hands on the users’ digital wallets.
To get to that point, the hackers used an internal MailChimp link after tricking the company’s employees into revealing their log-in credentials.
The scheme wasn’t entirely successful, as not all Trezor users downloaded the fake app after clicking on the link provided via email.
Nevertheless, they were one of the first MailChimp clients to acknowledge the deceit and contact their customers. The rest of the victims might be doing damage control as we speak.