• by Ray Schultz , August 9, 2022

Customer platform Klaviyo has been hacked by threat actors seeking crypto-related accounts, the firm said in a blog post on Monday. 

It is the second hack announced by service vendors within the same day. Twilio reported on Monday that it had been hacked last week. 

Klaviyo discovered the hack on August 3, and determined that an employee’s login credentials had been compromised. The hacker gained access to the worker’s account and some of the company’s internal support tools.

The threat actor used these tools to search mostly for. Crypto accounts, viewing list and segment information for 44 Klaviyo accounts. List or segment information was downloaded for 38 of these accounts. 

The downloaded information included email addresses, phone numbers, and “some account specific custom profile properties for profiles in those lists or segments,” Klaviyo says in a blog. 

In addition, the hacker viewed and downloaded “two of Klaviyo’s internal lists used for product and marketing updates. These exports included information such as name, address, email address and phone number.” 

However, the download did not include passwords, password hashes, credit card numbers or account data.

All of the affected individuals in both cases have been notified. 

In addition, Klaviyo immediately revoked access for the compromised user and removed the threat actor from its systems.

Klaviyo has launched an investigation with a cybersecurity firm and notified law enforcement. The firm notes that it only sends emails from the klaviyo.com domain and with authentication by SPF and DKIM records.

“Our customers come first and we consider safeguarding data as one of our foundational responsibilities. We sincerely apologize that this happened,” Klaviyo states.