Chipotle’s email vendor Mailgun was breached, allowing threat actors to commandeer the company s email marketing efforts. 121 phishing emails sent from the compromised Mailgun account sent between July 13 and July 16. The attacks are similar to a similar to the SolarWinds attack on the U.S. government in May 2021. Inky has no evidence to suggest the same actors are involved in these attacks, it appears to be a case of copying a successful attack vector used by Nobelium.
Source: https://threatpost.com/chipotle-serves-up-lures/168279/