Security News > 2021 > January > Mimecast Discloses Certificate Incident Possibly Related to SolarWinds Hack

Mimecast Discloses Certificate Incident Possibly Related to SolarWinds Hack
2021-01-13 12:03

Email security company Mimecast on Tuesday revealed that a sophisticated threat actor had obtained a certificate provided to certain customers.

According to Mimecast, it learned from Microsoft that hackers had compromised a certificate used to authenticate Mimecast Continuity Monitor, Internal Email Protect, and Sync and Recover products with Microsoft 365 Exchange Web Services.

"As a precaution, we are asking the subset of Mimecast customers using this certificate-based connection to immediately delete the existing connection within their M365 tenant and re-establish a new certificate-based connection using the new certificate we've made available," Mimecast said in a statement.

The company has not shared any details about the attacks abusing the compromised certificate, but some experts have speculated that the certificate may have allowed the hackers to intercept Mimecast customers' communications.

Mimecast said affected customers have been alerted and a third-party forensics firm has been called in to help investigate the incident.

According to Reuters, people with knowledge of the situation believe this incident may be related to the recently disclosed supply chain attack involving Texas-based IT management solutions provider SolarWinds.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/Mc8apMw9mgo/mimecast-discloses-certificate-incident-possibly-related-solarwinds-hack

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Solarwinds 44 0 80 95 40 215