E-mail safety supplier Mimecast mentioned on Tuesday that hackers had hijacked its merchandise to be able to spy on its prospects.
The corporate mentioned it had been alerted to the assault by investigators at Microsoft and that “a sophisticated threat actor” had compromised the certificates used to protect connections between its merchandise and Microsoft’s cloud providers.
In a four-paragraph assertion, the corporate mentioned round 10% of its greater than 36,000 prospects had been affected, however it believed “a low single-digit number” of customers had been particularly focused.
Cybercrime prices to high $1tr this 12 months: researchers
Mimecast spokeswoman Laura Barnes declined additional remark. “Our investigation is ongoing and we don’t have anything additional to share at this time,” she mentioned.
Mimecast gives a spread of electronic mail safety merchandise, reminiscent of programs to dam malicious net hyperlinks, phishing makes an attempt, and attackers utilizing pretend identities to be able to trick their victims into revealing delicate info.
Hackers used SolarWinds’ dominance towards it in sprawling spy marketing campaign
Three cybersecurity investigators, who spoke on situation of anonymity to debate particulars of an ongoing probe, advised Reuters they suspected the hackers who compromised Mimecast had been the identical group that broke into US software program maker SolarWinds and a bunch of delicate US authorities businesses.
The SolarWinds hack was disclosed final month and is likely one of the most bold cyber-espionage campaigns ever uncovered. USintelligence businesses have blamed Russia, which has repeatedly denied the allegations.