We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.
Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

Microsoft Exchange Breach Update

  • Microsoft Exchange Vulnerability

Microsoft Exchange Breach Update

By |2022-05-02T17:31:22+13:008 March, 2021|OneCall Updates, Cybersecurity|

We have been receiving many enquiries about the Microsoft vulnerability in regard to on-premise Exchange servers. The NZ government was notified of this breach yesterday and you may have noticed many articles that have popped up in media outlets. 

We wanted to let you know about this particular hack, when we became aware of it, the extent of the impact and the steps we have taken to ensure all of the businesses we work with are secure and no longer at risk to this specific vulnerability.  

What is the vulnerability to Microsoft Exchange? 

This breach was specifically linked to on-premise Microsoft Exchange servers so any clients with a cloud solution (such as Microsoft 365) are not impacted. It is understood, but not confirmed, that this attack originates from China and is targeting infectious disease researchers, law firms, higher education institutions and defence contractors. Some experts are suggesting that up to 30,000 businesses in the USA could be affected which is less than 0.1% of American businesses. 

When did we become aware of the attack? 

At OneCall we have tight security protocols in place which include monitoring several security channels as well as having Microsoft alerts in place. We became aware of this particular vulnerability on Tuesday 2nd March 2021. This is before it reached NZ media outlets.  

What was our response and what is the extent of the impact? 

We immediately implemented our Security Incident Response plan and mitigated the risk to affected customers, these customers accounted for less 1% of businesses we support. Follow up analysis was performed and none of these affected businesses were hacked and no data was jeopardisedIf you were a business that was affected, you will have already been personally notified. If you haven’t heard from us, you can rest assured that there was no impact to your business. 

Michael Shearer, CertNZ’s principal advisor for threats and vulnerabilities has stated to the media this morning that CertNZ will not comment on which NZ firms have been affected, as that information was confidential. 

If you have any concerns or questions, please do not hesitate to get in contact with your OneCall Account Manager. In doing so, please be patient, as you can expect we are currently receiving higher-than-normal call volume. 

back to blog

Share this story

The Cloud

is in our DNA

Get Started

© 2021 OneCall   |   All Rights Reserved
LinkedIn
Go to Top