Trellix confirms data breach after hack of 'a portion' of its source code

  • Trellix discloses unauthorized access to part of its source code repository
  • Investigators found no evidence of disruption or exploitation of its release processes
  • Key details remain unclear, with the company promising further updates once the probe concludes

Cybersecurity giant Trellix has confirmed suffering a cyberattack in which threat actors accessed parts of its source code.

In a brief announcement published on its website, Trellix said it had identified “unauthorized access to a portion of [its] source code repository”. As soon as it spotted the intrusion, the company brought in third-party security experts to resolve the problem, and notified relevant authorities.

It also said the breach has not yet caused any disruptions whatsoever: “Based on our investigation to date, we have found no evidence that our source code release or distribution process was affected, or that our source code has been exploited,” it said. “As part of our commitment to our broader security community, we intend to share further details as appropriate once our investigation is complete.”

Key details missing

Some key details are still missing. We don’t know who struck Trellix, or how they did it. It is also unknown whether the attackers exfiltrated any sensitive data, or whether they tried to extort the company for money. No one has claimed responsibility for the attack yet, and Trellix said it would share further details “as appropriate” once the investigation wraps up.

Trellix emerged in 2021 after McAfee Enterprise and FireEye merged - and as such, it does not have a long standalone breach history. However, FireEye was hit by a major, high-profile attack before the merger.

In 2020, FireEye suffered one of the most notable cybersecurity firm breaches ever, in which the attackers (most likely state-sponsored) stole the company’s internal red-team tools. These are the same tools used to simulate real-world attacks, and the breach was later linked to the broader SolarWinds cyberattack campaign.

FireEye publicly admitted the breach and even released countermeasures to blunt misuse of the stolen tools.

Via BleepingComputer



Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
