13 January 2021

Hackers compromised Mimecast certificate to target Microsoft 365 users


Email security provider Mimecast disclosed a security incident in which “a sophisticated threat actor” compromised one of its digital certificates and used it to gain access to the Microsoft 365 accounts of some of the company's clients.

In a statement posted on its website, Mimecast said that the hackers abused one of the certificates the company issued for its customers to safely connect Microsoft 365 Exchange to Mimecast services. The company said that it was informed of the compromise by Microsoft.

“Approximately 10 percent of our customers use this connection. Of those that do, there are indications that a low single digit number of our customers’ M365 tenants were targeted. We have already contacted these customers to remediate the issue,” Mimecast said.

The company did not provide details on when the incident took place, or how the attackers managed to gain access to the compromised certificate.

As a precautionary measure, Mimecast advised its customers using the certificate-based connection to immediately delete the existing connection within their M365 tenant and re-establish a new certificate-based connection using the new certificate issued by the company.

“Taking this action does not impact inbound or outbound mail flow or associated security scanning,” Mimecast said.
