Several victims of a recent theft have applied for a class action lawsuit against Intuit, claiming that the financial software company failed to secure their assets
According to the reports, Intuit’s financial software company is stuck under a class action lawsuit along with its other subsidiary, Rocked Group LLC. These companies are responsible for Mailchimp, which failed to protect the firm’s data systems adequately, resulting in the loss of one man from Illinois of about $87,000 from his Trezor wallet. Intuit acquired Mailchimp in September 2021 for $12 billion.
The Mailchimp service on 4th April announced a hack affecting the audience data from more than 100 clients, including a crypto wallet vendor Trezor. Hackers have used the email address of Trezor to send fraudulent emails to clients of Trezor wallet users in an attack via social engineering while requesting them in order to click on a link. This happened to act disguised as a trojan horse that looked similarly to Trezor wallet’s app informing the data breach to users that had also compromised their account.
The fake app of Trezor wallet revealed the features that built it almost something indifferentiable from the original Trezor app. For instance, if an individual had not trained his eye to see the little dot under the character ‘e’ from the trezor, they would have not ever known. Using the special Unicode characters has been a very well-known engineering trick for a long time and is commonly associated with a phishing attack on the Unicode domain.
Once the disguised link is clicked, it is no different from most phishing cases. It asks users to enter their personally identifiable information or PIAA, including personal credentials like usernames and passwords. Trezor has called the attack exceptional in its complicated sophistication and indicated that it was planned meticulously.
The chief information security officer at Mailchimp, Siobhan Smyth, said that the company was informed about the breach on 26th March 2022 through an account administration and customer service tool that had been accessed unlawfully.
Inside sources of Trezor told a computer security news outlet that a Mailchimp insider went rogue and was responsible for this attack. The lawsuit filing also indicated that a Mailchimp employee had been found to click on a phishing link.
ALSO READ: Ripple continues to win against the SEC
Nancy J. Allen is a crypto enthusiast, with a major in macroeconomics and minor in business statistics. She believes that cryptocurrencies inspire people to be their own banks, and step aside from traditional monetary exchange systems. She is also intrigued by blockchain technology and its functioning. She frequently researches, and posts content on the top altcoins, their theoretical working principles and technical price predictions.