Online gambling firm FanDuel had its customers' names and email addresses compromised during the MailChimp data breach this month, according to BleepingComputer.
MailChimp, which provides transactional emails for FanDuel, had its internal customer support and administration tool using employee credentials obtained in a social engineering attack, resulting in the theft of 133 customers' "audience data."
"On Sunday evening, the vendor confirmed that FanDuel customer names and email addresses were acquired by an unauthorized actor. No customer passwords, financial account information, or other personal information was acquired in this incident," said FanDuel.
FanDuel has urged its customers to be vigilant against phishing attempts concerning their accounts. Customers have also been advised to adopt frequent password updates, activate multi-factor authentication, and be wary of links sent as part of attempted password resets they have not initiated.
"FanDuel will never email customers directly and request personal information to resolve an issue," said FanDuel in an email.