The Everest ransomware group has claimed responsibility for attacking Mailchimp, the popular email marketing platform.
The cybercriminals announced their alleged data breach on their dark web leak site, stating they stole a 767 MB database containing 943,536 lines of data.
According to Everest’s claims, the leaked information includes “internal company documents” and “a huge variety of personal documents and information of clients.”
What Mailchimp Data Was Compromised?
Sample data released by the ransomware group shows business information rather than sensitive internal Mailchimp systems data. The leaked records appear to contain:
- Domain names and company email addresses
- Phone numbers and location details
- GDPR region labels
- Social media links
- Hosting provider information
- Technology stacks used by companies (Shopify, WordPress, Amazon, Google Cloud, PayPal)
The data format suggests it may have come from a marketing or CRM export rather than Mailchimp’s core systems.
Everest Group’s Dark Web Leak Site (Source: Hackread)
Security Experts Express Doubt
Cybersecurity professionals are skeptical about this breach claim. Social media users have mocked the alleged attack’s small size, with one expert calling it “like one customer” worth of data.
Another security insider noted that 767 MB “seems remarkably small for a vendor as large and widespread as MailChimp.”
Social Media Post about Mailchimp Breach
The amount represents a tiny fraction compared to the 333 billion emails Mailchimp reportedly sent for clients in 2020.
Even if this proves to be a minor incident with Mailchimp, users should remain proactive about protecting their personal information from potential identity theft.
TROYPOINT Tip: Even if this proves to be a minor incident with Mailchimp, users should remain proactive about protecting their personal information from identity theft. See our recommended identify theft protection below.
Aura Identity Theft Protection Review
Final Thoughts
While Mailchimp parent company Intuit states they are “looking into” the matter, security experts remain doubtful about the breach’s significance.
The small data size and questionable nature of the leaked information suggest this may be more hype than substance from the Everest ransomware group.
For more information on this story, refer to the report from Hackread and any future updates from Mailchimp.
We want to know your thoughts. What do you think about this story? Let us know in the comment section below!
Be sure to stay up-to-date with the latest streaming news, reviews, tips, and more by following the TROYPOINT Advisor with updates weekly.
This page includes affiliate links where TROYPOINT may receive a commission at no extra cost to you. Many times, visitors will receive a discount due to the special arrangements made for our fans. Learn more on my Affiliate Disclaimer page.
