U.S. CYBECURITY FIRM FIREEYE ADMITS ATTACK, THEFT OF ITS HACKING TOOLS
FireEye, one of the largest cybersecurity companies in the United States, said that it was hacked, likely by a government, and that an arsenal of hacking tools used to test the defenses of its clients had been stolen, Christopher Bing and Joseph Menn reported for Reuters.
The hack of FireEye, a company with an array of contracts across the national security space both in the US and its allies, is among the most significant breaches in recent memory. The company’s shares dropped 8% in after-hours trading.
The FireEye breach was disclosed in a public filing with the Securities and Exchange Commission citing CEO Kevin Mandia. A blog post by the company here said "red team tools" were stolen as part of a highly sophisticated, likely government-backed hacking operation that used previously unseen techniques.
It is not clear exactly when the hack initially took place, but a person familiar with the events said the company has been resetting user passwords over the past two weeks. Beyond the tool theft, the hackers also appeared to be interested in a subset of FireEye customers: Government agencies. The chairman of the House Intelligence Committee, Rep. Adam Schiff, said he would ask for more information. “We have asked the relevant intelligence agencies to brief the Committee in the coming days about this attack, any vulnerability that may arise from it, and actions to mitigate the impacts.”