New Delhi, Aug 16 : Cloud infrastructure provider DigitalOcean has acknowledged that some of its customers’ personal details were disclosed in an incident that was recently that was disclosed by the company that sells email marketing Mailchimp.
DigitalOcean’s director of security Tyler Healy said in a blog post on Tuesday that on August 8th, the company learned the fact that their Mailchimp account was compromised as part of what “we believe to be an broader Mailchimp security breach that affected their customers, specifically blockchain and crypto”.
Mailchimp had previously admitted to an attack on its crypto-related customers but did not provide additional details.
In the aftermath of the Mailchimp incident, we believe that certain DigitalOcean customers’ email addresses could be in the public domain.
In the interest of an abundance of security we are currently sending emails to those affected.
DigitalOcean stated that they had a “very small percentage of DigitalOcean customers were able to experience attempted breach of their accounts via resets of passwords”.
“These accounts of customers are secured and they have been directly contacted.As of the 9th of August we have moved emails away from Mailchimp,” the company informed.
It was stated that no information about the customer other than email addresses was compromised.
“However we would recommend heightened vigilance against phishing attacks in the coming days, in addition to enabling two-factor authentication for your DigitalOcean account,” the company advised.
Mailchimp announced that they would continue their investigation and were proactive in providing affected users with current and precise information throughout the investigation.
DigitalOcean stated that the wider email outage management team had decided to move urgently essential services from Mailchimp to a different service for email.
na/