Based on information recently received regarding Microsoft 360 vulnerabilities, please be advised that the StoneHill Group (TSG) has not been affected by this incident. The vulnerabilities’ impacted on-premises Microsoft Exchange Servers and are not known to impact Exchange Online or Microsoft 365 cloud email services.
TSG utilizes Microsoft 365 email services which were not impacted. We have also contacted all our 3rd party vendors and determined there was no negative impact because of these vulnerabilities.
Links to information related to these vulnerabilities are provided as follows:
- Attack overview – https://link.edgepilot.com/s/2a715453/YKXZr9akCk2VZ8q90yQhmQ?u=https://www.bleepingcomputer.com/news/security/the-microsoft-exchange-hacks-how-they-started-and-where-we-are/
- Microsoft Alert – https://link.edgepilot.com/s/1a926347/i8RI6EAz8Uui6i4ouhWQ-g?u=https://techcommunity.microsoft.com/t5/exchange-team-blog/released-march-2021-exchange-server-security-updates/ba-p/2175901
The StoneHill Group, (TSG), maintains a comprehensive Information Technology platform, including both Physical and Logical security protocols to ensure all non-public confidential information is secure during the transmission, processing, and storage of data. Utilizing a secure, state of the art facility, our US based services, systems and processes are SSAE18 and SOC 2 compliant.
TSG maintains security incident management policies and procedures, including detailed security incident escalation procedures. TSG will promptly notify Clients in the event TSG becomes aware of an actual or reasonably suspected unauthorized disclosure of Client data.
Please click here for more information on our Security Information Policies.
We appreciate your business and sincerely thank you for your continuing partnership. If you have any further questions, feel free to reach out to Chuck Wells, Director of Compliance & Internal Audit, at firstname.lastname@example.org.