Mimecast discloses Microsoft 365 SSL certificate compromise
Email security company Mimecast has disclosed today that a "sophisticated threat actor" compromised one of the certificates the company issues for customers to securely connect Microsoft 365 Exchange to their services.
"Microsoft recently informed us that a Mimecast-issued certificate provided to certain customers to authenticate Mimecast Sync and Recover, Continuity Monitor, and IEP products to Microsoft 365 Exchange Web Services has been compromised by a sophisticated threat actor," Mimecast said earlier today.
While the exact number of customers who used the stolen certificate to secure the connection used for Microsoft 365 cloud synchronization server tasks was not disclosed, Mimecast says that roughly 10 percent of its customers "use this connection."
"As a precaution, we are asking the subset of Mimecast customers using this certificate-based connection to immediately delete the existing connection within their M365 tenant and re-establish a new certificate-based connection using the new certificate we've made available," Mimecast added.
While Mimecast did not say what type of certificate was compromised by the attackers, the statement published earlier today most likely refers to one of the Mimecast-issued Trusted SSL certificates customers have to install on their Exchange Client Access servers to secure the connection to the Microsoft 365 servers.
The regional certificates corresponding to customers' accounts have to be uploaded to Microsoft 365 to create a Server Connection in Mimecast.