"DigitalOcean Customers Affected by Mailchimp 'Security Incident'"

A recent attack on Mailchimp users in the cryptocurrency sector has affected customers of the cloud infrastructure provider DigitalOcean. On August 8, DigitalOcean discovered that its Mailchimp account had been compromised as part of what it believes is a larger Mailchimp security incident that affected Mailchimp's customers and targeted cryptocurrency and blockchain. The company suspects that certain DigitalOcean customer email addresses were exposed as a result of the Mailchimp incident. Mailchimp is an email marketing automation platform that DigitalOcean uses to send email confirmations, password resets, product health alerts, and dozens of other transactional emails to its users. On August 8, DigitalOcean's Security Operations team was made aware of a customer who claimed their password had been reset without their knowledge. Recognizing a possible link between the sudden loss of transactional email and potentially malicious password resets delivered via email, the company launched a security incident and investigation concurrently with the teams addressing the email outage. The investigation revealed that DigitalOcean's Mailchimp account had been compromised by attackers and had been suspended by Mailchimp shortly after. Furthermore, the compromised Mailchimp account provided the attacker with the email addresses of DigitalOcean customers, allowing the attacker to perform malicious password resets on a "limited set" of accounts. This article continues to discuss the impact of the Mailchimp security incident on DigitalOcean.

Help Net Security reports "DigitalOcean Customers Affected by Mailchimp 'Security Incident'"

Submitted by Anonymous on