FireEye

NJCCIC Data Breach Notification

Original Release Date: 12/10/2020

Summary

Cybersecurity firm FireEye disclosed this week that they were the victim of a sophisticated cyberattack, which they are investigating with the Federal Bureau of Investigation and partners, including Microsoft. The threat actor targeted and accessed red team tools used by FireEye to test their customers’ security. As a result, FireEye proactively released methods and means to detect the use of their stolen tools, including 300 countermeasures. The company believes the hack is the result of a nation-state cyber-espionage effort as the threat actor targeted information related to certain government customers. At this time, it does not appear that the threat actor exfiltrated data from the FireEye systems that store customer information from incident response or consulting engagements, or metadata collected by FireEye’s dynamic threat intelligence systems. More information on the cyberattack, breach of red team tools, and countermeasures can be found in the FireEye blog posts (12) and GitHub repository.

New Jersey Cybersecurity & Communications Integration Cell

2 Schwarzkopf Dr, Ewing Township, NJ 08628

njccic@cyber.nj.gov

OUR COMMITMENT

The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.

Agency Seals of State of NJ, NJOHSP and NJCCIC

STAY CONNECTED:

View our Privacy Policy here.

View our Site Index here.