In January, Mimecast reported that a certificate compromise took place following the SolarWinds espionage campaign. However, Mimecast has recently confirmed that the firm’s source code repositories were also stolen during the attack.
Initially, it was thought that the SolarWinds attackers had only stolen a small amount of Mimecast’s customers’ personal data, such as email addresses and certain hashed credentials. Now, it has emerged that the attacks did in fact also steal a “limited” number of Mimecast’s source code repositories.