
PasteBin data dump: Hackers claim files are from Mandiant FireEye 'breach'

Security analysts: None of our systems were pwned

By John Leyden, 31 Jul 2017

Hackers have leaked what they claim is information stolen from FireEye/Mandiant after apparently breaking into the incident response biz's network. Mandiant has denied this.

The miscreants, who branded their attack campaign "Op #LeakTheAnalyst," claimed in a preface to their PasteBin dump that they had "breached [Mandiant's] infrastructure" and alleged that Mandiant's internal networks and its clients' data had been compromised.

However, there is no hard evidence of any significant compromise. It appears Op #LeakTheAnalyst is the result of mischief-makers breaking into a Mandiant staffer's social media accounts and leaking some of the contents.

Ido Naor, a researcher at Kaspersky Lab, commented: "Only one workstation seems to be infected during #leakTheAnalyst. Dump does not show any damage to core assets of Mandiant."

Researcher Hanan Natan agreed: "The current #leakTheAnalyst dump doesn't contain any [proof] that they compromised the Mandiant networks."

In response, FireEye put out a preliminary statement blaming the whole thing on a social media leak.

We are aware of reports that a Mandiant employee's social media accounts were compromised. We immediately began investigating this situation, and took steps to limit further exposure. Our investigation continues, but thus far, we have found no evidence FireEye or Mandiant systems were compromised.


The Register - Independent news and views for the tech community. Part of Situation Publishing