SmarterTools confirmed last week that the Warlock ransomware gang breached its network after compromising an email system, but it did not impact business applications or account data.
The company’s Chief Commercial Officer, Derek Curtis, says that the intrusion occurred on January 29, via a single SmarterMail virtual machine (VM) set up by an employee.
“Prior to the breach, we had approximately 30 servers/VMs with SmarterMail installed throughout our network,” Curtis explained.
Microsoft is investigating an ongoing Exchange Online issue that mistakenly flags legitimate emails as phishing and quarantines them.
The incident began on February 5 and continues to affect Exchange Online customers, preventing them from sending or receiving emails.
“Some users’ legitimate email messages are being marked as phish and quarantined in Exchange Online,” Microsoft said in a service alert when it acknowledged the bug on Thursday.