Topic: Trezor mailing list breached (Read 386 times)

Details of the Mailchimp data breach

This email contains details of a data breach which compromised our mailing provider between February and April 2, 2022.

The attack saw Mailchimp employees being phished for privileged access to customer accounts, resulting in the theft of email addresses and in some cases names of subscribers and other data.

Below you will find specific data belonging to you which was stolen in the attack.
Data stolen in the attack

- Your email
- Your IP address

Please use this information to protect yourself and be wary of any incoming mail, as the targeted data is being used to send phishing emails to your inbox. Avoid clicking on any links in emails, and never ever enter your seed into a computer without your Trezor device telling you to do so.

This is the latest information we have, following a week of investigation and reluctant cooperation from Mailchimp's senior security staff. You will find a timeline of events on Trezor blog, but we will not be providing any links here so this message does not get confused for a phishing attempt.

You will not receive any more emails from Trezor via Mailchimp. Given the broad scope of the attack, it is important that you remain on alert for phishing attacks coming from other sources, as hundreds of other brands and projects which have not yet been disclosed were also targeted.

For inquiries, please contact our security team at [email protected].

We are contacting you because one of our email marketing vendors, Mailchimp, has informed us of a security breach they experienced that may have resulted in the exposure of your email address and name to a malicious actor.

No sensitive BitMEX data (such as passwords, account balances / addresses, trading history, etc.) was compromised because this issue affected the third-party vendor only.

BitMEX uses multiple vendors including Mailchimp to manage email mailing lists and newsletter sends.

We take this security breach at Mailchimp extremely seriously and as such have stopped using Mailchimp services.

However, going forward we strongly recommend that you continue to be vigilant for email phishing scams that might follow from the malicious actor, which according to Mailchimp targeted some of its crypto and finance clients.

Below, we have also outlined further actions you can take out of an abundance of caution to further safeguard your online accounts.

More Details from Mailchimp

Mailchimp recently advised us that they became aware of a malicious actor accessing one of their internal tools used by customer-facing teams for customer support and account administration. The actor gained access to this tool as a result of a successful social engineering attack on Mailchimp employees.

Mailchimp confirmed they swiftly addressed the situation by terminating access for the compromised employee accounts and taking steps to prevent additional employees from being affected.

Since taking these actions, Mailchimp advises they have seen no further malicious activity. They also advise us that they have undertaken a comprehensive security review of all their systems. We are as of yet unaware of any attempts by the malicious actor to send phishing messages to the email addresses that may have been exposed.

What Actions Can You Take?

In line with security best practices, we strongly recommend that all users protect their BitMEX and personal accounts by using strong and unique passwords, enabling Two-Factor Authentication, and using a password manager.

As a reminder, BitMEX Support will never ask you for your account password. If you observe unusual activity on your account, or if you receive an email that you believe may be fraudulent or phishing, please contact Support and we will be glad to assist you.

We constantly review our vendor relationships on the basis of many factors such as terms of services, service level agreement, and security.

As always, if you have any queries please contact [email protected].

Regards,
The BitMEX Team.