Email and web security specialist Mimecast has notified customers that it has suffered a cyberattack.
The company explained a “sophisticated threat actor” had hijacked its Sync and Recover, Continuity Monitor and IEP (Internal Email Protect) products to spy on users.
This was made possible through a certificate used to authenticate different services to Microsoft Office 365 Exchange Web Services that was also compromised. Approximately 10 percent of its 36,000-strong customer base were affected, the company explained.
Potential victims have been warned about the intrusion and Mimecast has urged them to re-establish a new certificate-based connection with the new certificate it released.
The firm added that law enforcement agencies have been notified and a third-party forensics firm will help with the investigation.
Speaking to Reuters, three cybersecurity investigators disclosed that the attack might very well be the work of the group that was behind the recent SolarWinds supply chain attack, which affected roughly 18,000 companies, including tech giants and US government agencies.
Even though there is no hard evidence yet, many experts have pointed the finger at Russia, saying a state-sponsored actor called APT29 was behind the attack.