Hackers steal Mimecast certificate used to encrypt customers’ M365 traffic

by
Dan Goodin
from Ars Technica - All content on (#5CR7K)
encryption-800x517.jpg

Enlarge (credit: Getty Images)

Email management provider Mimecast said that hackers have compromised a digital certificate it issued and used it to target select customers who use it to encrypt data they sent and received through the company's cloud-based service.

In a post published on Tuesday, the company said that the certificate was used by about 10 percent of its customer base, which-according to the company-numbers about 36,100. The sophisticated threat actor" then likely used the certificate to target a low single digit number" of customers using the certificate to encrypt Microsoft 365 data. Mimecast said it learned of the compromise from Microsoft.

Certificate compromises allow hackers to read and modify encrypted data as it travels over the Internet. For that to happen, a hacker must first gain the ability to monitor the connection going into and out of a target's network. Typically, certificate compromises require access to highly fortified storage devices that store private encryption keys. That access usually requires deep-level hacking or insider access.

Read 4 remaining paragraphs | Comments

index?i=98Fkf--hBpo:37ldnshemaM:V_sGLiPB index?i=98Fkf--hBpo:37ldnshemaM:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments