Mailchimp has been attacked by the Everest
ransomware group, although the damage does not seem to be severe, reports state. But Mailchimp says it didn’t happen.
Everest claims it captured 943,536 rows of data
in a 767 MB database, including internal company documents and personal customer information. This makes the dreaded Everest “a laughing stock of the cybersecurity community,” Techradar
writes.
Mailchimp denies the report. “The security of products and our customers’ data are emong our highest priorities,” the company says in a statement. “Based on our investigation at
this time we have no evidence to suggest any security incidents or exfiltration of data from our systems.”
Everest announced the hack on its dark web site, and posted
some samples.
advertisement
advertisement
Another report by Hackread states that the data includes serious business information such as domain names, company emails, phone numbers, corporate location detail,
social media links and hosting providers. Consumer information is not necessarily at risk, but those data points present their own dangers.
Mailchimp, an email/automation provider,
reportedly was given a few days to pay the ransom. The company suffered what apparently was a more serious incursion when it was hit three times in a year from 2022 to
2023.
More alarming than the new attack in the general sense is that, like everyone else, bad actors are increasingly using artificial intelligence.
A recent study
by KnowBe4 found that of phishing emails sent from Sept. 15, 2004 to February 15, 2025, 82.6% exhibited some use of AI, a 53.5% increase YoY.
