Solana Foundation noted that malicious actors obtained “email addresses, names, and Telegram usernames.”
Solana Foundation, a Switzerland-based non-profit organization dedicated to the decentralization, growth, and security of the Solana network, has warned users about the security incident.
According to the letter sent to customers on January 14th, the incident happened via Solana’s email service provider Mailchimp.
Did you know?
Want to get smarter & wealthier with crypto?
Subscribe - We publish new crypto explainer videos every week!
What is FUD in Crypto? (Fear, Uncertainty & Doubt Explained)
In the letter, Solana Foundation claimed that Mailchimp informed Solana Foundation about the incident on January 12th. In the announcement, Mailchimp told a non-profit organization that “an unauthorized actor accessed and exported certain user data from the Solana Foundation’s Mailchimp instance.”
It is believed that malicious actors obtained “email addresses, names, and Telegram usernames.” In the letter, Solana Foundation stated:
Based on the information we have received from Mailchimp, the affected information may have included, inter alia, email addresses, names, and Telegram usernames, in each case only to the extent users provided any such information.
Solana Foundation stated that Mailchimp assured the non-profit organization that the incident did not affect user passwords or credit card information.
It is unclear how many users were affected by this security breach. At the time of writing, neither Solana Foundation nor Mailchimp hasn’t issued any official announcements regarding the matter.
It is not the first time crypto-related entities are experiencing troubles with Mailchimp. In August 2022, Mailchimp stopped providing services to several crypto content creators and crypto-related firms.
At that time, the company claimed that it made this decision in response to a “recent attack targeting Mailchimp’s crypto-related users.” The company had suspended “account access for accounts where <the company> detected suspicious activity while <they> investigate the incident further.”
It is worth noting that, at the beginning of December, cryptocurrency exchange Gemini experienced a similar incident caused by “a third-party vendor.” At that time, malicious actors obtained around 5.7 million Gemini customer email addresses and partial phone numbers.
