to reset their credentials as a precautionary measure. Mimecast is advising customers hosted in the U.S.
#SOLARWINDS DATA BREACH SOFTWARE#
“We expect that additional organizations will learn or share that they were affected by the threat actor behind the SolarWinds Orion software compromise.” “It is clear that this incident is part of a highly sophisticated large-scale attack and is focused on specific types of information and organizations,” Mimecast said in a statement issued Tuesday morning. Mimecast, however, said it’s not aware of any of the encrypted credentials being decrypted or misused. and U.K., the company said, and gave hackers access to LDAP, Azure Active Directory, Exchange Web Services, POP3 journaling and SMTP-authenticated delivery routes of Mimecast customers. The compromised service account credentials were created by Mimecast customers hosted in the U.S. 5 the SolarWinds hack was carried out by a Russian Advanced Persistent Threat group for intelligence-gathering purposes. The Lexington, Mass.-based email security vendor said the SolarWinds hackers accessed and potentially exfiltrated encrypted customer service account credentials that established a connection from their Mimecast tenants to on-premises and cloud services. Mimecast’s certificate compromise was carried out by the same threat actor behind the SolarWinds attack and gave hackers access to customers’ on-premises and cloud services.
0 kommentar(er)
