You need to scan your email Servers. CISA advises all Organizations using MS Exchange

The Cybersecurity and Infrastructure Security Agency(CISA) has encouraged all Organizations using Microsoft Exchange to scan devices for vulnerabilities. This comes after an Unusually aggressive attacked allowed hackers to access email accounts of at least thirty thousand Organizations in the United States. The second major hacking campaign to hit America since the 2020 elections. This has caused the Biden Administration to launch an emergence taskforce to address the issue. This is an active threat, the latest hack that comes on the heels of Solarwinds, a separate series of sophisticated attacks attributed to Russia that breached about 100 American Companies and nine federal agencies. So far Solarwinds Hack is the work of 1000 Engineers as told by Tech Executives to the senate. However researchers on the issue say the recent hack began as a controlled attack on a few large targets starting in late 2020 and was only detected in early January as it developed into a widespread campaign. Additional attacks are still expected from other hackers as the code used to take control of the mail Server keeps spreading