More Cybersecurity Firms Confirm Being Hit by SolarWinds Hack
Two more companies, Mimecast and Qualys, have emerged in the SolarWinds breach, claiming that they were targeted by the same threat actor that breached the IT management solutions provider SolarWinds. The attack was a sophisticated supply chain hack that eventually went on to install backdoors in US agencies’ systems. Fidelis Cybersecurity has also confirmed that the same actors hit them, however, it is unclear if the organization was specifically targeted. Mimecast released a statement a few weeks ago stating that a sophisticated threat actor group had obtained a certificate used to authenticate its products with Microsoft 365 services after the tech giant discovered the vulnerability and reported it to Mimecast.
Experts believed that the incident might be related to the SolarWinds breach, which affected Microsoft as well. On Tuesday, researchers confirmed that the certificate theft was carried out by the same Russian hackers as the SolarWinds software compromise. The threat actor was able to exfiltrate encrypted service account credentials created by US and UK customers, according to Mimecast. Mimecast has advised all users to re-set passwords to mitigate any further risk.