FireEye Mandiant Analyst Reportedly Hacked, Attackers Claim Further Leaks Possible
An analyst for FireEye's Mandiant division has reportedly been hacked, with attackers leaking data from the analyst and claiming further leaks to come.
In a blog post Sunday evening, hackers leaked records of Adi Peretz, a senior threat intelligence analyst at Mandiant.
According to the Salted Hash blog, hackers claimed the records came from the analyst's compromised system and included emails and images of the analyst's One Drive account, Live account, LinkedIn account, personal device geo-tracking data, billing records, PayPal receipts, credentials for FireEye portals, and Amazon account. The records also included some records and documentation from customers.
[Related: One Year Of Kevin Mandia: Partners Say FireEye Is Evolving Under New CEO, But Still Has Work To Do]
The hackers claimed in the blog post to have further records from the Mandiant compromise, which they claim dated back to 2016 and continued into early this year.
’This leak was just a glimpse of how deep we breached into Mandiant, we might publish more critical data in the future,’ the post said.
In an emailed statement to CRN, a FireEye spokesperson said the company is ’aware of reports that a Mandiant employee’s social media accounts and personal laptop have been compromised.’
’We are investigating this situation, and have taken steps to limit further exposure. While our investigation is ongoing, there is currently no evidence that FireEye or Mandiant corporate systems have been compromised. Our top priority is ensuring that our customer data is secure. To date, we have confirmed the exposure of business documents related to two separate customers in Israel, and have addressed this situation with those customers directly. This in an ongoing investigation, and new or additional information may emerge as we continue looking into this matter,’ the spokesperson said.
FireEye shares were down more than 4.8 percent to $14.54 on the news.
Mandiant is one of the best-known companies for breach remediation and cybersecurity consulting services in the country. It was acquired by FireEye for $1 billion in 2014 and former CEO Kevin Mandia is now CEO of FireEye.