<img alt="" src="https://secure.hiss3lark.com/173130.png" style="display:none;">

Datashield's Resource Library

Read all of our news, articles, reviews, and more in our company blog

All Posts

Mimecast Breach Bulletin: Vulnerability 01-26-21

Mimecast SolarWinds Vulnerability

On January 26th, 2020, Mimecast released an updated statement about the compromise first published on January 12th 2020.

Initially believed to be a targeted attack against a few select Mimecast customers, their follow-on investigation revealed a much wider attack surface. Mimecast was also able to conclude that this attack was the same threat actor behind the Solarwinds breach, which was the cause of their infection. The attackers were able to do following:

“The threat actor accessed, and potentially exfiltrated, certain encrypted service account credentials created by customers hosted in the United States and the United Kingdom. These credentials establish connections from Mimecast tenants to on-premise and cloud services, which include LDAP, Azure Active Directory, Exchange Web Services, POP3 journaling, and SMTP-authenticated delivery routes.”

Datashield and Mimecast are not aware of any of these credentials being decrypted and/or used. However, as a precaution, we are recommending clients reset these secrets to ensure they are not misused in the future.

Guides:

If you have any questions or concerns reach out to us or start a chat.

Topics from this Article

Mimecast, News, Email Security, CVE

Datashield
Datashield
Official Datashield account for blog content, news, announcements and more. The articles authored include a collaboration between internal staff, specifically the security operations and marketing team.

Related Posts

Strong Showing For Datashield Partners In 2021 Gartner Magic Quadrant

With a clear separation in the market among the considered vendors, the newest Gartner Magic Quadrant for EPP, showcases 4 Datashield partners who are leading in this space.

How Datashield and ExtraHop Work Together

Learn how Datashield partners with ExtraHop, our premier Network Detection and Response (NDR) partner, from our Director of Product Management Mike Heller. I first met the ExtraHop team at RSA Conference 2020, just weeks before the world changed from COVID-19. After the initial meet and greets, we decided to schedule a time to do a deep dive post-conference. Datashield saw an immediate value-add that our service would bring from a technology perspective.

What is Cyber Insurance?

Statistics show that the fallout from successful cybersecurity incidents has both financial and business-related consequences. A data breach costs the average enterprises approximately $60,000, and in extreme situations, small and medium-sized businesses may go out of business within 6 months from the date the incident occurred. Thus, to determine whether the financial cost of successful hacking attempts, businesses have turned to insurance to deal with extensive losses.