Report on Our Security Incident Investigation
In January, Mimecast became aware of a security incident later determined to be conducted by the same sophisticated threat actor responsible for the SolarWinds supply chain attack. We immediately launched an internal investigation, supported by leading third-party forensics and cyber incident response experts at Mandiant, a division of FireEye, and in coordination with law enforcement to aid their investigation into this threat actor.
We have now completed our forensic investigation with Mandiant and have eliminated the threat actor’s access to our environment. We have no evidence that the threat actor accessed email or archive content held by us on behalf of our customers.
As we have said in our previous communications about this incident, we benefited from the expertise shared by others facing this threat actor and we believe that transparency and cooperation within the security community are essential, especially in our current environment of heightened cybersecurity risks. Consistent with those principles, we are making our incident report available here. We are providing this summary of our response to the sophisticated attack so others can learn from our experience.
Our report outlines a number of actions we have taken to prevent future access to our environment, and we will continue to monitor for threats and take precautionary steps as needed. We are committed to protecting our customers, as well as helping to create a more secure and resilient community.
Forward-Looking Statements
This communication contains “forward-looking” statements, which are subject to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995 and other federal securities laws, that are based on currently available information and our current beliefs, expectations and understanding. These forward-looking statements include statements regarding Mimecast’s current understanding of the identity and likely targets of the sophisticated threat actor, the scope and impact of the attack, the effectiveness of any current or future isolation and remediation efforts, the effectiveness of monitoring and prevention efforts on any future access going forward, and the information provided to us by third parties during the course of our ongoing investigation. Mimecast intends that all such forward-looking statements be covered by the safe harbor provisions for forward-looking statements contained in Section 21E of the Securities Exchange Act of 1934, as amended, and the Private Securities Litigation Reform Act of 1995. These statements are subject to future events, risks and uncertainties – many of which are beyond our control or are currently unknown to Mimecast. These risks and uncertainties include, but are not limited to, risks and uncertainties related to the uncovering of new information in the course of our investigation related to the nature, cause and scope of the issue, the reputational, financial, legal and other risks related to potential adverse impacts to our customers and partners, and the other risks, uncertainties and factors detailed in Mimecast’s filings with the Securities and Exchange Commission. Mimecast is providing the information in this communication as of this date and assumes no obligations to update the information included in this communication or revise any forward-looking statements, whether as a result of new information, future events or otherwise.
Subscribe to Cyber Resilience Insights for more articles like these
Get all the latest news and cybersecurity industry analysis delivered right to your inbox
Sign up successful
Thank you for signing up to receive updates from our blog
We will be in touch!