Mimecast, a company that makes cloud email management software, today reported a security incident alerting customers that “a sophisticated threat actor” obtained one of its digital certificates and misused it to gain access to some Microsoft 365 To obtain accounts of its customers.
The London-based email software company stated that the certificate in question was used by several of its products to connect to Microsoft infrastructure.
Products that have used this certificate include Mimecast Sync and Recover, Continuity Monitor and IEP products, the company said in a message posted on its website today.
According to Mimecast, around 10% of all customers have used the affected products with this particular certificate. However, the “sophisticated threat actor” abused the stolen …