Hackers compromise Mimecast’s Microsoft authentication

Hackers compromise Mimecast’s Microsoft authentication

Believed to be same hackers who attacked SolarWinds



Credit: Glassdoor

Mimecast has become the latest cyber security vendor to reveal it has been the victim of a hacking attack. 

The email security vendor said a “sophisticated threat actor” compromised a Mimecast certificate used to authenticate several of its products to Microsoft 365 Exchange Web Services. 

In a blog update, Mimecast said approximately 10 per cent of its customers use the connection, adding that it believed a “low single-digit number” of its customers’ Microsoft 365 tenants were targeted.  

“We have already contacted these customers to remediate the issue,” the vendor said in the post. 

Mimecast is now asking these customers to “immediately” delete the existing connection within their Microsoft 365 tenant and re-establish a new certificate-based connection using a new certificate it has created. 

“The security of our customers is always our top priority,” the company added. “We have engaged a third-party forensics expert to assist in our investigation, and we will work closely with Microsoft and law enforcement as appropriate." 

According to Reuters, three security experts suspect the hackers who compromised Mimecast were the same group that broke into SolarWinds and a number of sensitive US government agencies. 

The SolarWinds hacked, described as one of the most ambitious exercises of cyber espionage, has been linked to a hacker group linked to the Russian government. 

Tags MicrosoftMimecast

Show Comments