Sign in / up

back to article Intuit sued over alleged cryptocurrency thefts via Mailchimp intrusion

Intuit is being sued in the US after a security failure at its Mailchimp email marketing business allegedly led to the theft of cryptocurrency from one or more digital wallets. In a proposed class-action lawsuit [PDF] filed in federal court in northern California on Friday, the plaintiff – Alan Levinson of Illinois – claimed …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Howard Sway Silver badge

    an external actor conducted a successful social engineering attack on Mailchimp employees

    Should have hired more experienced staff then - cos if you pay peanuts, you get monkeys.

    19 0 Reply
    1. David 132 Silver badge
      Reply Icon
      Happy

      Re: an external actor conducted a successful social engineering attack on Mailchimp employees

      Whenever I hear news about Mailchimp, all I can think is "what are chimps known for? Flinging poo at all & sundry. What a very appropriate name for an email marketing company..."

      9 0 Reply
    2. ShadowSystems
      Reply Icon
      Joke

      At Howard Sway, re: peanuts.

      I thought that if you paid in peanuts, all you could expect was an infestation of ellef, elap, effal, pacy, those big things with the tusks & the trunk? =-Jp

      I'll get my coat, it's the one with the peanut-eating critters in the pockets.

      0 0 Reply
  2. Richocet

    Only a matter of time

    My view on cryptocurrency is that it is designed for criminal activities and also that anyone holding cryptocurrency will eventually have it stolen.

    Some of the characteristics of the currency such as being decentralised and untraceable, make it the most attractive target of theft ever.

    So I don't think anyone who buys crypto or uses it should be protected from theft or fraud of said crypto.

    13 0 Reply
    1. David 132 Silver badge
      Reply Icon
      Thumb Up

      Re: Only a matter of time

      There is never a bad time to remind those who haven't heard of it of the existence of Web3IsGoingGreat.com.

      7 0 Reply
  3. iowe_iowe

    leaving your wallet in a pub

    Crypto and NFT's both fail the smell test for me. As someone who occasionally leaves my wallet on a pub table, the idea of putting serious personal wealth in something that is simultaneously so ephemeral, and planet-buggering, seems insane.

    8 0 Reply
  4. Anonymous Coward
    Anonymous Coward

    I am sure NFTs have their place

    but a replacement for cash ain't one of them.

    Eventually, when all this settles down, I imagine they'll be vendor-specific tokens - much like gift vouchers.

    1 0 Reply
  5. Andy E
    Holmes

    Pot meet Kettle

    One of the main points seems to be that Mailchimp fell for a phishing attack which led to the claimants falling for a phishing attack.

    I do think they have a valid point about the time taken to alert the users about the attack though.

    9 0 Reply
    1. OhForF' Silver badge
      Reply Icon
      Facepalm

      Re: Pot meet Kettle

      "the plaintiff – Alan Levinson of Illinois – claimed he and potentially others fell victim to a sophisticated phishing attack".

      "Defendants fell victim to one of the oldest cybertricks in the book: according to reports, one of defendants' employees fell victim to a phishing email and clicked on a malicious link," the plaintiff claimed."

      It is a sophisticated phising attack if it happens to me but if anybody else falls for this old trick it is obviously gross neglicence.

      3 0 Reply
      1. ecofeco Silver badge
        Reply Icon

        Re: Pot meet Kettle

        Exactly.

        0 0 Reply
      2. Anonymous Coward
        Reply Icon
        Anonymous Coward

        sophisticated phishing attack/gross negligence.

        I am reminded of that "tech" journalist who was scammed and rather than keep quiet about it decided to write it up from the point of view of "I'm so clever and I got scammed ..." angle.

        Problem was they managed to break one of the first rules - security 101 - by giving their PIN to the scammers. But that was well hidden in the scaremongering.

        0 0 Reply
  6. Anonymous Coward
    Anonymous Coward

    MalChimps Intrusion

    https://youtu.be/cpe2gHG_p_c

    Front 242 - Moldavia

    0 1 Reply
  7. Doctor Syntax Silver badge

    The longer the supply chain the greater the attack surface. That should be obvious to the meanest intelligence. Unfortunately Mailchimp's customers are marketing departments so they fail to clear that bar.

    2 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like