The Solana Foundation, a non-profit organization of the Solana Network, announced on January 14th a security incident involving the email service provider Mailchimp.
According to an email sent to users and seen by Cointelegraph, the Foundation was notified by Mailchimp on January 12 that “an unauthorized actor accessed and exported certain user data from the Mailchimp Solana Foundation instance.”
Among the information accessed and exported in the incident were usernames and Telegram usernames. The Solana Foundation states:
“Based on the information received from Mailchimp, the affected information may include, among others, email addresses, names, and Telegram usernames, in each case only to the extent that the user provides this information. Mailchimp advises that this does not happen. affect passwords or credit card information.”
The number of users affected by the incident is unclear. There has been no official announcement from Solana or Mailchimp regarding the incident at the time of publication. Solana did not immediately respond to Cointelegraph’s request for comment.
Related: 5 tricky crypto phishing scammers used last year: SlowMist
A few weeks ago, another crypto company had its users’ emails shared by a third-party provider. As reported by Cointelegraph on December 13, hackers gained access to 5,701,649 lines of information related to customers of the Gemini crypto exchange, including partial email addresses and phone numbers.
This is not the first time crypto companies have had security issues with Mailchimp. In August 2022, email marketing platform Mailchimp suspended its services for crypto content creators and platforms related to crypto news or related services. Users started experiencing problems logging into their accounts, then notified of a service outage.
At the time, Mailchimp stated that “in the tech industry, malicious actors are increasingly using a variety of phishing tactics and social engineering targeting data and information from crypto-related companies.”
The company also said that “in response to recent attacks targeting Mailchimp crypto-related users, we have taken proactive steps to temporarily suspend account access for accounts where we detect suspicious activity while we investigate the incident further.”
Beosin Global Web3 Security Report 2022 reveals 167 major security incidents in 2022, with DeFi projects attacked 113 times, which is approx. 67.6% of recorded attacks, reported Cointelegraph.