Hackers also managed to access a subset of email addresses and other contact information, as well as encrypted and/or hashed and salted credentials.
“In addition, the threat actor accessed and downloaded a limited number of our source code repositories, but we found no evidence of any modifications to our source code nor do we believe there was any impact on our products,” the company added.
Mimecast added that it had no evidence that the threat actor accessed email or archive content held by the company on behalf of its customers.
The company was notified by Microsoft in January that a certificate it provided to customers to authenticate Mimecast Sync and Recover, Continuity Monitor, and IEP products to Microsoft 365 Exchange Web Services had been compromised by a threat actor Microsoft was actively investigating.
iTWire Wednesday, 17 March 2021 09:58 Mimecast says source code was stolen by SolarWinds attackers Featured Pixabay
Email security firm Mimecast says a hit on its infrastructure by attackers who used the SolarWinds supply chain to gain access, went deeper than already reported, with some of the company s source code being stolen.
The company
said on Tuesday, in an update to two previous blog posts on the same topic, that the threat actor(s) had gained additional access to its production grid and compromised a number of Windows systems.
On 14 January, Mimecast issued an announcement
saying that a certificate it had issued for authentication of Mimecast Sync and Recover, Continuity Monitor, and IEP products to Microsoft 365 Exchange Web Services had been compromised.
A new Mimecast update reveals the SolarWinds hackers accessed several “limited” source code repositories.
Hackers who compromised Mimecast networks as part of the SolarWinds espionage campaign have swiped some of the security firm’s source code repositories, according to an update by the company.
The email security firm initially reported that a certificate compromise in January was part of the sprawling SolarWinds supply-chain attack that also hit Microsoft, FireEye and several U.S. government agencies.
Attackers were found initially to have stolen a subset of Mimecast customers’ email addresses and other contact information, as well as certain hashed and salted credentials. However, in the most recent part of its investigation into the SolarWinds hack, Mimecast said it has found evidence that a “limited” number of source code repositories were also accessed.
Plus: Watch out for NTFS-corrupting folder, Mimecast hack, and more Share
Copy
In brief Last week ended with news that the venerable infosec mailing list Bugtraq was being shutdown at the end of the month.
From its first posts in November 1993, Bugtraq aimed to get details of vulnerabilities, as well as defence and exploitation techniques, onto netizens radar, and discussed among admins and security researchers. Posts to this once high-volume Symantec-owned list stopped on February 22 last year, and now we know why – a lack of funding and resources. Assets of Symantec were acquired by Broadcom in late 2019, and some of those assets were then acquired by Accenture in 2020, an email from the list administrators read.