Yet one more group has introduced that it has been affected by the SolarWinds hack, after electronic mail safety agency Mimecast confirmed itself among the many victims.
The corporate famous that the risk actors accessed account credentials held by sure clients based mostly within the US and UK.
Mimecast added that it was not conscious of the stolen credentials being decrypted or misused however is advising clients situated within the affected international locations to reset their credentials as a precautionary step.
The fallout continues
“As we beforehand shared, when Microsoft knowledgeable us concerning the compromise of a Mimecast-issued certificates used to authenticate a subset of Mimecast’s merchandise, we suggested affected clients to interrupt and re-establish their connections with newly issued keys,” the Mimecast weblog read.
“The overwhelming majority of those clients have taken this motion, and Microsoft has now disabled use of the previous connection keys for all affected Mimecast clients. We additionally launched an inner investigation, supported by main third-party forensics consultants, and we’re coordinating our actions with regulation enforcement. Our investigation has now confirmed that this incident is said to the SolarWinds Orion software program compromise and was perpetrated by the identical refined risk actor.”
Mimecast was initially knowledgeable that it might have been focused by the SolarWinds hackers by Microsoft, after the Redmond-based agency observed that a few of its self-issued authentication certificates had been compromised. Round 10% of Mimecast’s clients are believed to be affected.
Mimecast can no less than take some small consolation from the truth that it’s removed from the one agency to be focused by the SolarWinds hackers. Among the many higher-profile victims, Malwarebytes, FireEye, and Microsoft have all been impacted.
The SolarWinds breach was first found late final yr and affected organizations based mostly everywhere in the world. It’s unlikely that the admission from Mimecast would be the finish of the SolarWinds story.
By way of Bleeping Computer