Incident Report

Incident Report

Posted March 16, 2021

Incident Report

  • In January, we became aware of a security incident later determined to be conducted by the same sophisticated threat actor responsible for the SolarWinds supply chain attack.
  • The threat actor accessed certain Mimecast-issued certificates and related customer server connection information.
  • Beyond the low single-digit number of customers targeted by the threat actor, which we contacted as described in our first blog post, we are not aware that any other customers were actively targeted.
  • Forensic analysis of all customer-deployed Mimecast software has confirmed that the build process of the Mimecast-distributed executables was not tampered with.
  • We are in the process of implementing a new OAuth-based authentication and connection mechanism between Mimecast and Microsoft technologies, which will provide enhanced security to Mimecast Server Connections.

| March 16, 2021