Mimecast releases report on SolarWinds security incident investigation
Mimecast released an incident response report on their internal investigation of the SolarWinds supply chain attack. The investigation was supported by third-party forensics and cyber incident response experts at Mandiant, a division of FireEye, and in coordination with law enforcement to aid their investigation into this threat actor.
During their investigation, Mimecast explains that the threat actor used the SolarWinds supply-chain compromise to gain access to part of the organization's production grid environment. Using this entry point, the threat actor accessed certain Mimecast-issued certificates and related customer server connection information.