Impact to DigitalOcean customers resulting from Mailchimp security incident \ stacker news ~bitcoin

pull down to refresh

Impact to DigitalOcean customers resulting from Mailchimp security incident www.digitalocean.com/blog/digitalocean-response-to-mailchimp-security-incident

51 sats \ 4 comments \ @cameri 16 Aug 2022 bitcoin

view all related items

0 sats \ 3 replies \ @cryptocoin 16 Aug 2022

compromised as part of what we suspect to be a wider Mailchimp security incident that affected their customers, targeted at crypto and blockchain.

As of August 9th, we have migrated email services away from Mailchimp.

Correlating password reset events from the attacker IP address via our API logging, we confirmed the small number of DigitalOcean accounts targeted by malicious password resets. Though not all resets were successful.

0 sats \ 2 replies \ @cryptocoin 16 Aug 2022

So there were "crypto and blockchain" organizations whose Digital Ocean accounts had been successfully taken over by the hacker/attacker.

I would bet the attacker would have gone after any larger / well-known ones first.

Another reason to get your coins off any exchanges.

20 sats \ 1 reply \ @cameri OP 16 Aug 2022

If I remember correctly it was access to emails in MailChimp accounts of crypto companies. Their Digital Ocean accounts were not taken over.

0 sats \ 0 replies \ @cryptocoin 16 Aug 2022

Hacker gets emails from Mailchimp.

Hacker finds which emails are for "crypto and blockchain" companies and does password reset requests at Digital Ocean. Some of those attempts are successful. (Digital Ocean doesn't say how that was successful)

Hacker then has admin/root access to the "crypto and blockchain" hosts running at Digital Ocean.

At least that's how I interpret what I read.