
Mailchimp data breach targets crypto; GitLab updates security vulnerabilities

BlackCloak Threat Update 4/7

The rise of cryptocurrency has been meteoric over the past decade. In October 2010, you could buy a single Bitcoin for ten cents. If you held onto that ten cent investment, your Bitcoin would now be worth anywhere between $43,000 and $47,000, depending on the day.

In conjunction with crypto's ascendance into the mainstream, virtual currencies have become a popular target for cyberattack. Cybercriminals have repurposed established techniques such as SIM swapping (SIM hijacking) to take over crypto accounts. And because cryptocurrency transactions are irreversible and there is no central institution to appeal to, individuals have few places to turn when cybercriminals compromise their accounts and steal funds.

We've previously covered crypto-related data breaches, and in this edition of BlackCloak's Thursday Threat Update, we report on a data breach in which cybercriminals sought information on people involved with cryptocurrency. We also share details on significant security patches released by an open-source software provider.

Mailchimp data breach targets hundreds of crypto accounts

What we know: The marketing automation and email marketing company Mailchimp announced that cybercriminals compromised an internal company tool to gain access to customer accounts. The malicious actors gained access to the tool used by Mailchimp's customer support and account administration teams through a social engineering attack on Mailchimp employees. Mailchimp revealed that the cybercriminals were able to view approximately 300 Mailchimp accounts and successfully exported audience data (mailing list contacts) belonging to 102 of the affected accounts. Mailchimp did not detail exactly which fields were exported, but said that the attackers targeted customers in the cryptocurrency and finance sectors, which suggests the stolen lists will be used for follow-on phishing of those customers' subscribers.

Recommendations: Mailchimp Chief Information Security Officer Siobhan Smyth advised all Mailchimp users to enable two-factor authentication and other security measures. If you are a Mailchimp user involved with cryptocurrencies, apply the same measures to your crypto accounts: once cryptocurrency is stolen, it is extremely difficult to recover. Resetting your passwords is also recommended, since it is unclear exactly what data was exported. Finally, treat any unexpected email that appears to come from a crypto service you subscribe to with suspicion, as exported audience lists are exactly what an attacker needs to send convincing phishing messages.

GitLab releases security updates to fix an account-takeover vulnerability

What we know: Open-source software provider GitLab released a set of updates to patch a security vulnerability that could allow remote attackers to take over user accounts through a hardcoded password. In other words, certain accounts were created with a fixed, predictable password rather than one chosen by the user, so anyone who knew that password could sign in as those users. While GitLab has found no evidence of any account having been compromised through this vulnerability, it has taken several steps to mitigate potential harm, including issuing password resets for an unspecified number of accounts.
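To make the bug class concrete, the following is an added, constructed illustration of how a hardcoded provisioning password leads to account takeover and how the fix looks. It is not GitLab's code and does not reproduce the actual vulnerable code path; the `UserStore` class, the `provision_from_idp_*` functions, the identity hash and the placeholder password are all assumptions made for the example. The pattern shown is the general one: accounts created on behalf of a user (for example after a sign-in through an external identity provider) must receive a random, unguessable password or no password login at all.

```ruby
require 'securerandom'
require 'openssl'

# Minimal password-backed user store (constructed for this example).
# Passwords are stored as salted PBKDF2-HMAC-SHA256 digests; a real
# application would use bcrypt/argon2, but the hashing is not the point here.
class UserStore
  ITERATIONS = 100_000

  def initialize
    @users = {}
  end

  # Create an account with the given password. Returns the username.
  def create(username, password)
    salt = SecureRandom.random_bytes(16)
    @users[username] = { salt: salt, digest: pbkdf2(password, salt) }
    username
  end

  # Replace the account's password with a fresh random one that nobody knows.
  # This is the "forced password reset" remediation: any previously known
  # password stops working until the user goes through a legitimate reset.
  def force_reset(username)
    return false unless @users.key?(username)
    create(username, SecureRandom.base64(32))
    true
  end

  # Username/password login. Returns true only if the password matches.
  def authenticate(username, password)
    rec = @users[username]
    return false unless rec
    constant_time_equal?(rec[:digest], pbkdf2(password, rec[:salt]))
  end

  private

  def pbkdf2(password, salt)
    OpenSSL::PKCS5.pbkdf2_hmac(password, salt, ITERATIONS, 32, OpenSSL::Digest.new('sha256'))
  end

  def constant_time_equal?(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end

# Placeholder for the hardcoded value; any fixed string has the same problem.
STATIC_PROVISIONING_PASSWORD = 'ChangeMe123!'.freeze

# VULNERABLE: every account provisioned from an external identity provider gets
# the same fixed password. Anyone who learns that string (from source code, a
# config file, or another instance) can log in as any such user with the
# ordinary username/password form, bypassing the identity provider entirely.
def provision_from_idp_vulnerable(store, idp_identity)
  store.create(idp_identity[:username], STATIC_PROVISIONING_PASSWORD)
end

# FIXED: give the account a random password that is never shown to anyone, so the
# only way in is through the identity provider or an explicit password reset.
def provision_from_idp_fixed(store, idp_identity)
  store.create(idp_identity[:username], SecureRandom.base64(32))
end

# Walk through the attack, the fix, and the reset remediation on constructed data.
def demo
  vulnerable_store = UserStore.new
  fixed_store = UserStore.new
  identity = { username: 'alice', provider: 'constructed-idp' } # constructed identity

  provision_from_idp_vulnerable(vulnerable_store, identity)
  provision_from_idp_fixed(fixed_store, identity)
  before_reset = vulnerable_store.authenticate('alice', STATIC_PROVISIONING_PASSWORD)
  vulnerable_store.force_reset('alice')

  {
    vulnerable_login_with_known_password: before_reset,
    fixed_login_with_known_password: fixed_store.authenticate('alice', STATIC_PROVISIONING_PASSWORD),
    after_reset_login_with_known_password: vulnerable_store.authenticate('alice', STATIC_PROVISIONING_PASSWORD)
  }
end

puts demo.inspect if $PROGRAM_NAME == __FILE__
```

Running the demo shows the attacker's known password succeeding against the vulnerable store, failing against the fixed store, and failing against the vulnerable store once the account has been force-reset, which is why a vendor issues password resets for affected accounts even when it has no evidence of abuse.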

Recommendations: GitLab advises all users of its Community and Enterprise Editions to upgrade to the latest patched versions. The company also recommends enabling two-factor authentication on all accounts. It's also a good idea to reset your password, even if GitLab did not reset it for you. When doing so, make sure your password is long, unique to that account, doesn't contain common words or phrases, and is stored in a password vault. If you're a BlackCloak client, contact the Concierge team to learn more about password vaults, should you not already use one.

Data breaches and vulnerabilities don’t have to automatically mean exposure

Data breaches and security vulnerabilities are unfortunately a common part of the digital ecosystem, but that doesn't mean you have to sit idly by and wait for cybercriminals to infiltrate your accounts. Learn why you should enable two-factor authentication on your email accounts, and read our tips for protecting yourself from data breaches, identity theft and financial fraud.