On March 2, 2021, Microsoft released emergency security updates to plug four security holes
in Exchange Server versions 2013 through 2019 that hackers from Chinese cyber espionage group dubbed “Hafnium” were actively using to siphon email communications from Internet-facing systems running Exchange. While Microsoft has published the necessary patches, if your system was not patched immediately there is a high chance your systems were vulnerable to the attack and possibly hacked. If your system still has not been patched, it remains vulnerable to attack. The Cybersecurity & Infrastructure Security Agency (CISA) has issued an emergency directive ordering all federal civilian departments and agencies running vulnerable Microsoft Exchange servers to either update the software or disconnect the products from their networks. CISA has outlined specific guidance on how to check systems and mitigate vulnerabilities that all members connected to the Microsoft Exchange should follow.
If you believe your organization may have been a potential victim, you are to file a claim immediately. IRMA will work with you and our cyber insurance provider HSB to connect with an approved Breach Coach and/or a Forensic IT Firm.
- CISA Emergency Direction: Mitigate Microsoft Exchange On-Premise Product Vulnerabilities
- CISA Remediating Microsoft Exchange Vulnerabilities
IRMA Cyber Breach Claim Forms: