Malwarebytes, a cybersecurity firm, confirmed this week that the same hackers believed to originate from Russia who were behind the SolarWinds incident were able to access some of its internal emails without authorization.
According to the company, it did not use SolarWinds software, but had been targeted by the same hackers to access its O365 and Azure environments. It further stated that the access included a limited number of internal company emails, but did not include any access or compromise of its production environments, which is good news for its customers.
The CEO of Malwarebytes stated that the hacking campaign that started with FireEye and has affected both governmental agencies and Fortune 500 companies alike “is much broader than SolarWinds and I expect more companies will come forward soon.”
The fallout from these incidents continues, and no doubt there will be more to come.