Mailchimp security team uncovered unauthorized personnel accessing a customer-facing tool used to offer customer support and account administration. In a tweet, Yuga Labs informed its audience that the company was among the many whose data was compromised and urged its audience to stay vigilant.
Mailchimp, a popular mailing service platform, encountered a vulnerability breach discovered by the technical team on Jan. 11. According to an official report by Mailchimp, the offender was found accessing one of the customer support and account administration tools. The hack was conducted through a social engineering attack that capitalized on employees’ and contractors’ credentials.
The perpetrator managed to access 133 Mailchimp accounts, including one owned by Yuga Labs, a blockchain technology company that mints and curates non-fungible tokens (NFTs) and virtual collectibles. Yuga Labs quickly rushed to Twitter to inform users of the potential security risk involved in being among the Mailchimp users whose accounts were compromised by the actor.
As of writing this, the Mailchimp security team confirmed that although the attacker had accessed the accounts maliciously, there is no prevailing evidence suggesting an export of data on the compromised accounts.
Yuga Labs mentioned in the tweet that the information held in the Mailchimp account involved “a couple of email campaigns involving a limited number of people”. The NFT company added that its Mailchimp account was only used severally for email communication and would never be used for mints in case the actor decides to be on the move.
Yuga Labs warns users of potential spam risks
Yuga Labs urged users to avoid phishing emails and not to fall for surprise mints that have not been communicated beforehand. The firm also added that all communication would be made through the platforms’ official mailing address @yugalabs.io will post all recent news events on the company’s official news website.
The news comes just after a Bored Ape whale collector by the pseudonym Pokee purchased 69 DeGods NFTs at once, which settled at a whopping $1 million. Yuga Labs is known for the iconic Bored Ape Yacht Club (BAYC) collection, which has quickly grown to legendary levels in the NFT space.