Security News > 2021 > January > Mimecast links security breach to SolarWinds hackers

Email security company Mimecast has confirmed today that the threat actor behind the SolarWinds supply-chain attack is behind the security breach it disclosed earlier this month.
"Our investigation has now confirmed that this incident is related to the SolarWinds Orion software compromise and was perpetrated by the same sophisticated threat actor," Mimecast said.
While the exact number of affected customers using the stolen certificates to secure the connection to the Microsoft 365 cloud was not disclosed, Mimecast said that roughly 10 percent of its customers "use this connection."
Mimecast's products are currently used by more than 36,000 customers, so 10% of them amounts to roughly 3,600 impacted customers.
The company found evidence that "a low single-digit number of our customers' M365 tenants were targeted" by the SolarWinds hackers.
Mimecast reached out to these customers to remediate and address this issue and, according to today's update, "[t]he vast majority of these customers have taken this action, and Microsoft has now disabled use of the former connection keys for all affected Mimecast customers."
News URL
https://www.bleepingcomputer.com/news/security/mimecast-links-security-breach-to-solarwinds-hackers/