Mailchimp, a popular email platform and marketing service, announced that it had experienced a data breach that resulted in the compromise of Yuga Labs’ account.
Yuga Labs, an NFT company behind popular projects such as Bored Ape Yacht Club, Meebits, and CryptoPunks, confirmed the incident on January 19th.
According to Yuga Labs, the company had only used the Mailchimp service for a limited number of purposes and was sharing the information out of caution.
They did mention that an unauthorized actor may have accessed data in their account but there was no indication that any data was exported.
They also reassured the community that the data in their Mailchimp account was only from an email campaign involving a few people, and had nothing to do with actual NFT minting.
Yuga Labs stated that it would contact relevant individuals only from a Yuga Labs email address if they believed their data was impacted, and urged the community to exercise caution.
Mailchimp’s security team identified that the breach occurred on January 11th, and began taking action soon after, notifying those affected the following day. Dozens of customers were affected by this incident.
This is not the first time that Mailchimp has experienced a hack, in fact, this is the second time in the past six months.
The previous hack was caused by an attacker using social engineering tactics and largely affected accounts related to cryptocurrency and finance.
As incidents like these become increasingly common in the crypto industry, players in the space warn users to be careful of suspicious emails or DMs and to always verify the authenticity of any communication before providing sensitive information.