Targeting of Malwarebytes’ Office 365 tenant
Date of report
  • January 2021
The same threat actor that compromised SolarWinds abused applications with privileged access to Microsoft 365 and Azure environments, granting the actor access to a limited subset of Malwarebytes’ internal emails.
Suspected victims
  • Malwarebytes’ employees
Suspected state sponsor
  • Russian Federation
Type of incident
  • Espionage
Target category
  • Private sector
Victim government reaction
  • Unknown