Mimecast disclosed a security incident in which a sophisticated threat actor has managed to get one of its digital certificates and abused it to gain access to some of its clients’ Microsoft 365 accounts.
The London-based company that makes cloud email management software, said that the certificate in question was used by several of its products to connect to Microsoft infrastructure.
The products that used this certificate include Mimecast Sync and Recover, Continuity Monitor, and IEP products.
Mimecast posted a message on its website stating that around 10% of all its customers used the affected products with this particular certificate. However, the “sophisticated threat actor” abused the stolen certificate to gain access to only a few of these customers’ Microsoft 365 accounts.
The company has already contacted all the affected customers which comes to less than 10.
In order to prevent future abuse, the company is now recommending all other customers to delete their existing connection within their M365 tenant and re-establish a new certificate-based connection using the new certificate made available.
The company became aware of the incident from Microsoft when they detected unauthorized access to some accounts.
Mimecast is now working with a third-party forensics’ expert, Microsoft, and law enforcement to investigate how the certificate was compromised and its aftermath.
Image Credits : JM Exclusives