Hackers spy on Mimecast customers

Edward Kost
Edward Kost
January 13, 2021

Email security firm Mimecast has had its digital certificate compromised giving threat actors access to private customer communications.

In an official statement Mimecast announced that their digital certificate used to protect connections between its products and Microsoft’s cloud services was compromised. Microsoft informed them of the incident.

“Approximately 10 percent of our customers use this connection. Of those that do, there are indications that a low single digit number of our customers’ M365 tenants were targeted. We have already contacted these customers to remediate the issue.” Mimecast said in their statement.

By compromising a certificate used to encrypt data, threat actors are able to decrypt, read and even modify the data. 

This type of cyberattack is exceedingly difficult to execute since it requires private encryption keys stored in highly secure internal servers. Without hacking acuity, such a breach is only possible through insider access. 

Impacted Mimecast customers are advised to delete their current Microsoft 365 connection and to reconnect with a replacement certificate.

The small subset of impact customers is a reason for concern. If threat actors were sophisticated enough to access highly guarded encryption keys, why was the impact so prosaic?

The chilling possibility is that this was a highly targeted attack intercepting the communications of specific Mimecast customers. An echo, and possible connection, to the surgical hacking methods of the SolarWinds breach.

How secure is Mimecast?

Mimecast Limited is a Jersey-domiciled, UK-headquartered company specializing in cloud-based email management for Microsoft Exchange and Microsoft Office 365, including security, archiving, and continuity services to protect business mail.
  • Check icon
    View our free preliminary report on Mimecast’s security posture
  • Check icon
    13 risk factors, including email security, SSL, DNS health, open ports and common vulnerabilities
Security ratings
Abstract shape
Deliver icon

Sign up for our newsletter

Stay up-to-date on everything UpGuard with our monthly newsletter, full of product updates, company highlights, free cybersecurity resources, and more.
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

Protect your organization

Get in touch or book a free demo.
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Website Security scan resultsWebsite Security scan rating