Mimecast, which provides email management systems, updates that the hacker was able to hack into the company’s systems and access customer information.
According to the company, the hacker was able to gain access to a certificate used to identify Mimecast services located on Microsoft’s server.
The company also states that all customers who may have been harmed have been updated and it also asks all customers of the company to replace the existing certificate in their possession with a new certificate issued by the company.
The breach was identified by Microsoft, which updated Mimecast that an unidentified source accessed the company’s servers.
According to DZNet: Mimecast says hackers abused one of its certificates to access Microsoft accounts.
Mimecast, a provider of email management software, said learned of the security incident from Microsoft.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
The Coming Wave of Social Engineering Attacks No One is Ready For
🛑 The AI-Powered Social Engineering Storm Is Coming
💡 Imagine getting a voice call from your CEO – but it’s not them. It’s a deepfake, paired with a perfectly written urgent email.
⚠️ That’s the next generation of phishing – faster, smarter, and terrifyingly convincing.
🤖 AI can now scrape your social media, corporate bios, and leaked data in seconds to create hyper-personalized attacks that feel 100% real.
🎯 This means your staff won’t just get generic spam. They’ll get messages with insider details, references to real projects, and even personal anecdotes.
🛡️ The solution isn’t just more training – it’s proactive intelligence. Dark web monitoring, deepfake detection, and continuous behavioral awareness are now mission-critical.
📉 Without them, even experienced executives will fall for scams that feel like direct conversations with trusted contacts.
📢 The attackers aren’t waiting – and neither should you. Book your AUMINT.io strategy session today to get ahead of the threat curve.
#CyberSecurity #SocialEngineering #FraudPrevention #DeepfakeThreats #CISOs #RiskManagement #DataSecurity #BusinessContinuity
🔐 CISOs: Free Resources for Implementing Data Loss Prevention (DLP) 🔐
Protecting sensitive data is a top priority, but deploying an effective DLP program can feel overwhelming – especially with limited budgets.
Luckily, there are excellent free resources designed to help CISOs plan, implement, and optimize DLP without costly licensing.
Here’s a curated list of top free DLP resources every CISO should explore:
1️⃣ CISA Data Protection Toolkit – Practical templates and guides to jumpstart your DLP strategy.
https://www.cisa.gov/data-protection
2️⃣ Microsoft DLP Policies Guide (M365) – Step-by-step instructions for setting up native DLP in Microsoft 365 environments.
https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies
3️⃣ GitHub Open-Source DLP Tools – A collection of scripts and lightweight tools for data discovery and monitoring.
https://github.com/topics/data-loss-prevention
4️⃣ NIST Special Publication 800-171 – Controls and best practices to safeguard controlled unclassified information.
https://csrc.nist.gov/publications/detail/sp/800-171/rev-2/final
5️⃣ Data Loss Prevention Framework by OWASP – Best practices for developers and security teams to build DLP into applications.
https://owasp.org/www-project-data-protection/
6️⃣ Google Workspace DLP Resources – Free guides to configure DLP in Google environments.
https://support.google.com/a/answer/7669608
7️⃣ The Privacy Rights Clearinghouse Data Protection Guide – Clear explanations of data protection principles and practical steps.
https://privacyrights.org/consumer-guides/data-protection
Implementing DLP is more than tech – it’s people, process, and policy.
Want to test your team’s susceptibility to accidental or intentional data leaks? AUMINT.io’s social engineering simulations highlight human risks that DLP tools can’t see.
📅 Explore how: Book a free intro call
🗂️ Save this post and strengthen your data protection efforts today!
#CISO #DataLossPrevention #DLP #CyberSecurity #InfoSec #AUMINT
The 19 Million Dollar Phishing Lesson No Business Can Ignore
🚨 The $19M Phishing Scam Every Business Should Fear
💡 A single phishing email cost a Milford firm 19 million dollars – and now they’re facing a negligence lawsuit.
📉 This wasn’t a sloppy scam. It was a precise, calculated attack where criminals perfectly mimicked trusted contacts. The transfer seemed legitimate… until it was too late.
🛑 The fallout? Vanished funds, broken trust, legal battles, and reputational damage that no insurance can fix.
🔍 Modern phishing isn’t random – it’s targeted, researched, and designed to bypass standard defenses. Spam filters can’t stop it. Firewalls can’t see it.
⚠️ The real weakness? A moment of human trust. Without continuous training, dark web monitoring, and real-time threat detection, even the most secure-looking organization is at risk.
💼 Lawsuits like this prove one thing – prevention isn’t optional. Clients and regulators expect proof of strong, proactive defense measures.
📢 Don’t gamble with your reputation or revenue. Book your AUMINT.io strategy call now and make sure your business never becomes the next headline.
#CyberSecurity #FraudPrevention #CISOs #FinanceLeaders #RiskManagement #PhishingPrevention #DataSecurity #BusinessContinuity