In January, we became aware of a security incident later determined to be conducted by the same sophisticated threat actor responsible for the SolarWinds supply chain attack.
The threat actor accessed certain Mimecast-issued certificates and related customer server connection information.
Beyond the low single-digit number of customers targeted by the threat actor, which we contacted as described in our first blog post, we are not aware that any other customers were actively targeted.
Forensic analysis of all customer-deployed Mimecast software has confirmed that the build process of the Mimecast-distributed executables was not tampered with.
We are in the process of implementing a new OAuth-based authentication and connection mechanism between Mimecast and Microsoft technologies, which will provide enhanced security to Mimecast Server Connections.