Search
Close this search box.

Industries

Ensure your unique data and process requirements are being met with IT solutions built on deep domain experience and expertise.

Company

At Coretelligent, we’re redefining the essence of IT services to emphasize true partnership and business alignment.

Insights

Get our perspective on the connections between technology and business and how they affect you.

Coretelligent’s Response to the Mimecast Certificate Security Incident

In this post:

During the week of January 11, 2021, it was brought to our attention there was a security incident involving a Mimecast SSL certificate that is used to secure communications between Mimecast services and Microsoft 365 programs. It has been estimated that about 10% of Mimecast customers run using this certificate, but only a single digit number of customers experienced impacts due to this security incident. Mimecast has since resolved the certificate and has identified the small number of M365 domains and tenants potentially impacted. Their team has delivered proactive remediation steps for accounts or tenants who may have been potentially impacted.

We believe there is no active threat to Coretelligent nor our customers at large following this incident disclosure. We have identified only two customer accounts that were proactively flagged by Mimecast, but after thorough monitoring via our CoreArmor solution, we have determined no anomalies or indicators of compromise (IOCs) were detected. Our Remote Support Team has worked with Mimecast to implement necessary steps recommended by Mimecast to protect these flagged accounts and remove the compromised certificate.

The compromised certificate allowed customers to authenticate Mimecast Sync and Recover, Continuity Monitor, and connected to Microsoft Exchange Web Services. Potentially impacted customers were immediately contacted to remediate the issue and Mimecast provided necessary steps. These customers were recommended to delete their existing certificate-based connection with their M365 tenant and re-establish a new certificate with Mimecast. These actions would not impact inbound or outbound mail flow or associated security scanning. Other customers were not instructed to take any action because there is zero chance they were impacted.

Mimecast has expressed their gratitude for supportive customers as they are working tirelessly to remediate the issue and keep their accounts safe. For a full and more in-depth statement, you may reference Mimecast’s response here.

Coretelligent is actively monitoring the incident and staying up to date as new information may emerge. One of our core values is transparency, and we always aim to keep our clients aware of major or minor security hacks as they are brought to our attention. We hope you understand Coretelligent was not negatively impacted by the Mimecast certificate hack. If you have any questions or concerns, we are happy to address them. Our security and support teams are available to help. You can reach us here.

Your Next Read

Understanding the Updated NIST Cybersecurity Framework (CSF): A Guide for Businesses

How can we help you?

Our engineers provide help desk support and a whole lot more.