Ransomware victim disclosure
← All victimsMailchimp
Claimed by Everest · listed 1 year ago
Status timeline
- ListedJul 31, 2025
- Data leakeddate unknown
At a glance
- Group
- Everest
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Jul 31, 2025
About the victim
AI dossier — public-source company profileMailchimp is a marketing automation platform and email marketing service that enables businesses of all sizes to design, schedule, and manage email campaigns. The platform offers audience segmentation, dynamic content, analytics, website building, and landing page creation tools, along with SMS marketing and AI-powered marketing automation features.
- Industry
- Marketing Automation & Email Services
Attack summary
Severity: low — Post is a listing/announcement only with no proof files, no specific data inventory disclosed, no claim of exfiltration, and no operational disruption stated. No verifiable evidence of compromise presented.The Everest group claims to have compromised Mailchimp; however, the leak post contains only a generic description of the company's services with no specific details about data exfiltrated, attack vectors, or operational impact.
Original description
AI-summarised, not from the leak postMailchimp is a leading marketing automation platform and an email marketing service. The platform allows businesses to design, schedule, and manage email campaigns, from large to small scale. With additional features like audience segmentation, dynamic content, and analytics, it caters to businesses looking to turn their audience data into actionable insights. It also grants users the ability to build websites and landing pages.
Sources
Source
Indexed 1 year agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

