Earlier this month, the email marketing firm Klaviyo experienced a data breach attack. The attackers acquired access to the firm’s internal systems after stealing a staff’s credentials through a phishing campaign.
An investigation revealed that the hackers downloaded the marketing lists utilised by crypto-related accounts for the company’s product and marketing updates. Furthermore, the stolen data confirmed by researchers included the customer’s full names, complete addresses, work and personal emails, and phone numbers.
According to Klaviyo, the breach happened on August 3rd after the threat actors stole one of their employees’ login credentials in a previous phishing campaign. The adversaries then utilised these credentials to infiltrate its accounts and the company’s support kits.
The threat actors then downloaded marketing lists for a handful of customers affiliated with the cryptocurrency business. Further research uncovered that the support tools were utilised by the actors to exclusively search for accounts that are related to the cryptocurrency industry, resulting in the discovery of 44 Klaviyo accounts.
Additionally, the attackers downloaded two internal lists used by the marketing firm for product and updates that contained another set of names, addresses, email addresses, and mobile numbers.
Klaviyo stated that they had alerted several law enforcement agencies regarding the attack and a third-party cybersecurity firm to help them examine the breach in their system.
Subscribers of the marketing firm might be susceptible to phishing attacks.
Klaviyo’s cybersecurity team advised subscribers to be wary of targeted phishing and smishing.
Klaviyo advises its subscribers to look for phishing or smishing attacks using the stolen data. A company’s spokesperson said they expressed concern regarding the hackers’ potential follow-up attacks. They want their subscribers, affiliates, and personnel to be careful in dealing with unwanted messages such as password reset requests, requests for payment information, and emails from unusual domains.
Since the data breach happened recently, the stolen data will likely be utilised privately by the attackers or sold to other threat actors. These troves of data from Klaviyo will also probably appear in hacking forums soon.
