
Cybercrime Group Claims Theft of MailChimp Client Data


The Russian-speaking cybercrime group Everest says it has stolen a large trove of data from email marketing giant Mailchimp, but the company has denied any evidence of a security incident. Everest announced the alleged breach on its dark web leak site, claiming to possess a 767 MB database with 943,536 rows of information. 

The group said the stolen material includes internal company documents alongside a “wide variety” of customer data. However, cybersecurity analysts examining a sample of the leaked files found the contents less alarming than Everest’s claims suggest. According to reports, the dataset appears to be structured business information rather than highly sensitive internal records. 

The entries include domain names, corporate email addresses, phone numbers, locations, GDPR region tags, social media profiles, and hosting provider details. Many records also list the technology stacks used by the companies such as Shopify, WordPress, Amazon, Google Cloud, and PayPal, hinting that the information may have originated from a marketing or CRM export instead of Mailchimp’s core systems. 

In a statement to media, Mailchimp’s parent company Intuit said: “The security of our products and our customers’ data are among our highest priorities. We are aware of the claims regarding Intuit Mailchimp’s systems. Based on our investigation at this time, we have no evidence to suggest any security incidents or exfiltration of data from our systems.” 

What is the Everest Group?

Active since late 2020, Everest has historically used a double-extortion model, encrypting victims’ data while threatening to leak it unless a ransom is paid. Past targets have included the Brazilian government and NASA. From late 2022 onward, the group has increasingly operated as an Initial Access Broker (IAB), selling access to compromised networks instead of deploying ransomware directly. 

Recently, it has acted more as a data broker, publishing stolen material from companies such as Coca-Cola, the Saudi Arabian Rezayat Group, and other high-profile organizations. While the true origin and sensitivity of the Mailchimp-linked dataset remain unconfirmed, security experts warn that even non-sensitive business data could be leveraged in phishing or social engineering campaigns.
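The warning above is the practical takeaway: a dataset of domains, corporate addresses, hosting providers and technology stacks is exactly what a targeted phishing campaign is built from (a "your Shopify payout failed" lure sent to the one address that actually runs a Shopify store). A defender who obtains a sample of such a leak will want to know which of their own addresses appear and which vendor names could serve as pretexts. The script below is an added example written for this post, not code from the article, from Everest, or from Mailchimp/Intuit; the CSV it parses is a constructed sample in the shape the article describes (domain, email, phone, location, GDPR region tag, social profile, hosting provider, tech stack), not the leaked data, and the column names are assumptions.

```python
import csv
import io
from collections import Counter

# Constructed sample in the shape described in the article. These are NOT
# leaked records; the column names are an assumption about a CRM-style export.
SAMPLE_CSV = """domain,email,phone,location,gdpr_region,social,hosting,tech_stack
example.com,alice@example.com,+1-555-0100,US,non-EU,linkedin.com/company/example,Amazon,Shopify;PayPal
example.com,bob@example.com,+1-555-0101,US,non-EU,linkedin.com/company/example,Amazon,Shopify;Google Cloud
shop.example.co.uk,ops@shop.example.co.uk,+44-20-5550-0102,GB,EU,,Google Cloud,WordPress;PayPal
other.invalid,sales@other.invalid,+49-30-5550-0103,DE,EU,,Amazon,WordPress
"""


def parse_rows(text):
    """Parse the export into a list of dicts keyed by the header row."""
    return list(csv.DictReader(io.StringIO(text)))


def email_domain(addr):
    """Return the lower-cased domain part of an e-mail address."""
    return addr.rsplit("@", 1)[-1].strip().lower()


def is_own(domain, own_domains):
    """True if domain equals or is a subdomain of one of our domains.

    The dot prefix matters: 'notexample.com' must not match 'example.com'.
    """
    d = domain.strip().lower()
    return any(d == o or d.endswith("." + o) for o in own_domains)


def triage(rows, own_domains):
    """Summarise our exposure in a leak sample.

    Returns the set of our addresses present, a count of vendor/hosting names
    attached to those rows (the pretexts an attacker is most likely to use),
    and how many of the matching rows carry an EU region tag.
    """
    own = [o.strip().lower() for o in own_domains]
    hits = [
        r for r in rows
        if is_own(r["domain"], own) or is_own(email_domain(r["email"]), own)
    ]

    pretexts = Counter()
    for r in hits:
        for tech in r["tech_stack"].split(";"):
            if tech.strip():
                pretexts[tech.strip()] += 1
        if r["hosting"].strip():
            pretexts[r["hosting"].strip()] += 1

    return {
        "exposed_addresses": sorted({r["email"].strip().lower() for r in hits}),
        "pretexts": pretexts,
        "eu_rows": sum(1 for r in hits if r["gdpr_region"].strip() == "EU"),
    }


if __name__ == "__main__":
    # Hypothetical organisation owning example.com and example.co.uk.
    report = triage(parse_rows(SAMPLE_CSV), ["example.com", "example.co.uk"])
    print("Exposed addresses:", ", ".join(report["exposed_addresses"]))
    print("Rows tagged EU:", report["eu_rows"])
    print("Likely phishing pretexts (vendor -> rows):")
    for vendor, n in report["pretexts"].most_common():
        print(f"  {vendor}: {n}")
```

The output is what a security team would turn into an awareness note: the exposed mailboxes get a heads-up, and the most frequent vendor names become the lures to watch for in mail filters and user reports. Matching is done on both the company domain column and the e-mail domain, because CRM exports often list a parent domain while the contact address sits on a subsidiary or regional subdomain.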