Shares of Mimecast (MIME), an email security-management company, slid today after it said that a certificate that the company uses to authenticate some Microsoft services was compromised. The tech stock fell by as much as 12.8% today and was down by 12.6% as of 3:28 p.m. EST.
The company said in an SEC filing today that approximately 10% of its customers use the now-compromised certificate and there are "indications that a low single digit number" of its customers were specifically targeted. Mimecast said that it has contacted the customers to "remediate the issue."
Mimecast said that Microsoft informed them that a "sophisticated threat actor" had compromised the certificate that's used by the company to authenticate some of Microsoft's services, including Microsoft 365 Exchange Web Services. It also said in the filing that: "The security of our customers is always our top priority. We have engaged a third-party forensics expert to assist in our investigation, and we will work closely with Microsoft and law enforcement as appropriate."
Today's share-price slide leaves Mimecast's stock down 7.9% over the past 12 months.
Today's Mimecast announcement comes as tech companies and cybersecurity firms are still reeling from a recent attack on SolarWinds, in which the company said U.S. government systems were compromised by Russian-linked hackers. Mimecast didn't say whether or not today's announcement is linked to the SolarWinds attack.