MalwareBytes.org

In January 2021 Malwarebytes disclosed a security incident where a group of hackers identified as the same threat actors behind the SolarWinds attack gained access to some internal company emails. The attackers exploited a dormant email protection product within the Microsoft Office 365 environment. While the company stated that their products and source code remained secure and uncompromised the breach involved unauthorized access to internal communications and technical documentation. This incident highlighted the sophisticated nature of supply chain attacks and the targeting of prominent cybersecurity firms to gain further intelligence.