Cybersecurity firm Malwarebytes today confirmed that the threat actor behind the SolarWinds supply-chain attack were able to gain access to some company emails.
“While Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor,” Malwarebytes CEO and co-founder Marcin Kleczynski said.
“We can confirm the existence of another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments.
“After an extensive investigation, we determined the attacker only gained access to a limited subset of internal company emails.”
Source: Bleeping Computer