Yet another organization has announced that it has been affected by the SolarWinds (opens in new tab) hack, after email security firm Mimecast confirmed itself among the victims.
The company noted that the threat actors accessed account credentials held by certain customers based in the US and UK.
Mimecast added that it was not aware of the stolen credentials being decrypted or misused but is advising customers located in the affected countries to reset their credentials as a precautionary step.
- Check out our roundup of the best endpoint protection (opens in new tab) software
- Keep your devices virus-free with the best malware removal (opens in new tab) software
- We've also put together a list of the best disaster recovery (opens in new tab) services available
The fallout continues
“As we previously shared, when Microsoft informed us about the compromise of a Mimecast-issued certificate used to authenticate a subset of Mimecast’s products, we advised affected customers to break and re-establish their connections with newly issued keys,” the Mimecast blog read (opens in new tab).
“The vast majority of these customers have taken this action, and Microsoft has now disabled use of the former connection keys for all affected Mimecast customers. We also launched an internal investigation, supported by leading third-party forensics experts, and we are coordinating our activities with law enforcement. Our investigation has now confirmed that this incident is related to the SolarWinds Orion software compromise and was perpetrated by the same sophisticated threat actor.”
Mimecast was initially informed that it may have been targeted by the SolarWinds hackers by Microsoft, after the Redmond-based firm noticed that some of its self-issued authentication certificates were compromised. Around 10% of Mimecast’s customers are believed to be affected.
Mimecast can at least take some small comfort from the fact that it is far from the only firm to be targeted by the SolarWinds hackers. Among the higher-profile victims, Malwarebytes (opens in new tab), FireEye, and Microsoft have all been impacted.
The SolarWinds breach was first discovered late last year and affected organizations based all over the world. It is unlikely that the admission from Mimecast will be the end of the SolarWinds story.
- We've also highlighted the best antivirus (opens in new tab) software