Intuit gets sued for a security failure that led to cryptocurrency theft
Intuit faces a lawsuit in the wake of a security failure at MailChimp that led to cryptocurrency theft from at least one wallet. Intuit acquired MailChimp last year for $12B.
- The proposed class-action lawsuit was filed by plaintiff Alan Levinson of Illinois, claiming a total of $87,000 was stolen due to a sophisticated phishing attack on April 2.
- The cryptocurrency wallets were attacked in an elaborate email phishing attack that installed malware, which hacked the wallets of several crypto investors.
- The plaintiff accuses MailChimp of poor security practices that led the attackers to gain access to the Trezor email list.
- The hackers used internal employee tools to steal the data of more than 100 customers, the lawsuit states.
- Levinson says that Intuit "willfully, recklessly, or negligently" failed to protect and disclose the data breach to its clients.
- Bad actors in the phishing scheme had emailed MailChimp clients stating that the company's data was compromised and that their crypto wallets were at risk.
- Levinson and others fell victim to this email message and believed that the email was legitimately from the company, but it came with a malware link.
- Intuit staff also fell victim to a phishing attack and handed over sensitive client data to the hacker.
How to spot a phishing attack:
- Always double-check the email URL and look for special characters.
- The email in this message said to click on a link to suite.trẹzor.com (notice the special ẹ character), which prompted users to download the new version of Trezor Desktop software.
Published 1x Day. 7x Week
Share your knowledge with the community