Content, Breach

Alleged FireEye Breach Update: (Nearly) Nothing to See Here

Steven Booth

An alleged FireEye breach that generated headlines last week wasn't actually a breach.

Indeed, a preliminary report from FireEye Chief Security Officer Steven Booth says the attacker did not breach, compromise or access the company's corporate network, despite multiple failed attempts to do so. Also, the attacked did not breach, compromise or access the victim’s personal or corporate computers, laptops or other devices.

So why all the chatter about the attack? Many of the so-called FireEye documents released by the attacker were previously publicly available or were screen captures created by the attacker, Booth asserted.

Still, two customer names were identified in the victim’s personal email and disclosed by the attacker, Booth wrote. FireEye contacted both customers and took additional steps to safeguard the victim's system and online accounts.

Case closed? Nearly. FireEye has only reached "preliminary" conclusions about the attack so far. But the info sounds comprehensive.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.