I make and sell a security product called the SC4-HSM which, among other things, acts as a FIDO U2F key. A few days ago I was contacted by an independent security researcher named Christian Reitter saying (correctly) that he had discovered a security flaw that impacted a wide range of such keys. It turned out that the SC4-HSM is not impacted by the flaw, so I waited for the information embargo period to end and went to send out a notice to my mailing list letting my customers know all was well and they didn't need to worry. I keep my mailing list on MailChimp. I don't use the account very often, but every time I have used it I have had no problems.
Today, however, when I went to log in to my account, I was met with the following message:
This account has been deactivated. To continue using Mailchimp, please create a new account with a new username. If you have questions, please contact compliance@mailchimp.com.I went to my web site to see what a customer would experience if they tried to sign up for my list, and the result was the most unhelpful error message I have ever seen on the web (and that's saying something):
(Remember, this is what one of my prospective customers would see. Such a person may or may not have a MailChimp account, most likely not, so what would be the point of going to a dashboard? Assuming that button actually took you to a dashboard. Which it doesn't.)
I was shocked. As I said, I don't use my account very much, but I know it was active as of November 26 (three weeks ago) because someone signed up for my mailing list that week and I received a notification about that. I went back through my mail archives to see if a warning or notification about this had gotten spam-filtered somehow. Nope. Nothing.
So the situation is this: MailChimp shut down my account without even notifying me, let alone warning me that this was about to happen. At the same time, they turned the link on my site that prospective customers use to sign up for my mailing list into a dead link, and cut off my access to the existing list so I can no longer contact my existing customers. The only way to contact MailChimp is by email (they don't have a phone number AFAICT). I sent them an inquiry about this but they have not responded.
As if all that were not bad enough, there appears on the face of it to be no way to re-activate my account. The only option given in the error message is "To continue using Mailchimp, please create a new account with a new username." If I take this error message at face value, my mailing list is gone forever. WTAF MailChimp?
I really don't like to resort to public shaming, but this really is unacceptable. Even if I do manage to get my account and/or mailing list back somehow, I don't see how I can ever rely on MailChimp for anything mission critical. Pulling the rug out from under me like this is something you only get to do once.
UPDATE: MailChimp just now (as of 12/19 9:12 AM PST) reinstated my account.