I think my account has been compromised.

We take account security seriously at MailChimp, so if you're concerned your account may be compromised, or is under threat of being compromised, it's best not to take any chances, remain calm, and act quickly.

What to Do First

Below are some common indicators that an account may have been compromised.

  • You received password reset emails you didn't request.
  • You received forgot username emails you didn't request.
  • You received an unexpected email from MailChimp staff/service teams.
  • You think your list has been stolen.

If you feel your account has been compromised, take the following steps from a different computer from your own that is secure and preferably not on your network.

  • Let us know what's going on through a secure email address (not the one that is sending rogue emails). We will then turn off login and send capabilities on the account until you can reset your data.
  • Reset your password.
  • Reset your security questions and answers.
  • Reset your username.
  • Reset your contact email address.
  • Change any active API keys by deleting the active API keys and recreating new keys.

Charges for Stolen Accounts

If your MailChimp account has been stolen, the last thing you're probably thinking about are MailChimp fees. But rest assured, you won't be charged for the emails sent by the person who broke into your account.

Reasons This May Have Happened

There are two ways account compromises normally happen.

The most common scenario is a former employee or upset business partner had access to your MailChimp account and tried to undermine your organization. As you can imagine, this scenario usually gets resolved in court. If you need to contact our General Counsel or to send court orders preserving account data for your case, use this form.

Another way we've seen accounts stolen is when a user's computer has been infected with malware that logs everything you type. All your passwords, including your MailChimp password, can be stolen by the hacker and re-sold to people who want access to organizations' email marketing accounts so they can take your information or send emails from your account.

Was this article helpful?
What can we do to improve articles like this?