The Russian-speaking cybercrime group Everest says it has stolen a large trove of data from email marketing giant Mailchimp, but the company has denied any evidence of a security incident.
Everest announced the alleged breach on its dark web leak site, claiming to possess a 767 MB database with 943,536 rows of information.
The group said the stolen material includes internal company documents alongside a “wide variety” of customer data.
However, cybersecurity analysts examining a sample of the leaked files found the contents less alarming than Everest’s claims suggest. According to reports, the dataset appears to be structured business information rather than highly sensitive internal records.
The entries include domain names, corporate email addresses, phone numbers, locations, GDPR region tags, social media profiles, and hosting provider details.
Many records also list the technology stacks used by the companies such as Shopify, WordPress, Amazon, Google Cloud, and PayPal, hinting that the information may have originated from a marketing or CRM export instead of Mailchimp’s core systems.
In a statement to media, Mailchimp’s parent company Intuit said: “The security of our products and our customers’ data are among our highest priorities. We are aware of the claims regarding Intuit Mailchimp’s systems. Based on our investigation at this time, we have no evidence to suggest any security incidents or exfiltration of data from our systems.”&nbs
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: