20 sats \ 1 reply \ @cameri OP 16 Aug 2022 \ parent \ on: Impact to DigitalOcean customers resulting from Mailchimp security incident bitcoin
If I remember correctly it was access to emails in MailChimp accounts of crypto companies. Their Digital Ocean accounts were not taken over.
Hacker gets emails from Mailchimp.
Hacker finds which emails are for "crypto and blockchain" companies and does password reset requests at Digital Ocean. Some of those attempts are successful. (Digital Ocean doesn't say how that was successful)
Hacker then has admin/root access to the "crypto and blockchain" hosts running at Digital Ocean.
At least that's how I interpret what I read.
reply