Mailchimp Suffers Alleged Ransomware Attack: What You Need to Know

Direct marketing giant Mailchimp has been identified as a victim of a ransomware attack by the Everest hacking group, which posted details of the incident on 31 July. Everest claimed to have stolen approximately 767 megabytes of data, consisting of 943,536 lines of information. The leaked data reportedly includes a wide range of personal documents and client information, as stated by Everest in their leak post. Two screenshots of the data, seemingly exported from a customer relationship management platform, were also shared. This information encompasses company domain names, email addresses, location details, phone numbers, social media links, and GDPR labels. Additionally, it contains technical stack details for several prominent companies, including Amazon, PayPal, and Shopify.

Everest has not specified any ransom demand or deadline, and Mailchimp is one of four victims listed on the same day. The Everest ransomware group, which is linked to Russia, was first observed in 2020. Initially focused on data theft for corporate extortion, the group has since transitioned to ransomware and encryption tactics. To date, Everest has claimed a total of 238 victims, with their most recent Australian target being the applied behavioural science firm Evidn, which was hacked earlier this year. The group has also been implicated in cyber attacks against Coca-Cola’s bottling partner in the Middle East.