It has come to our attention that hackers have gained access to a number of Mail Chimp accounts around the world and are using them for malicious purposes.
Late last week we began to recieve emails supposedly from various businesses from the UK and abroad. The emails contained a link and stated we could download our invoice/proposal/plans from the link.
Upon examination we found the emails had been sent using the popular mass mailing service, Mail Chimp. Further investigation has confirmed that some, if not all of the accounts used to send these emails were legitimate accounts that have been hacked.
We do not yet know if this hack is due to insecure IT security practices by the users, or if Mail Chimp’s security has been comprimised. As such we are advising all those who use Mail Chimp to take the precaution of changing their password for all sites and services that use the same email address and password combination as their Mail Chimp account.
Additionally we advise users not to click on any links in emails from senders they do not know.