F5 (FFIV) disclosed this morning that on August 9, the company learned that a “highly sophisticated nation-state threat actor had gained unauthorized access” to certain of its systems. “The Company promptly activated its incident response processes, and has taken extensive actions to contain the threat actor. To support these activities, the Company engaged leading external cybersecurity experts. The Company believes its containment actions have been successful and, since the initiation of its containment efforts, has not observed any evidence of new unauthorized activity. The investigation, monitoring, and related activities are ongoing,” it added. F5 determined that the threat actor maintained “long-term, persistent access” to certain F5 systems, including the BIG-IP product development environment and engineering knowledge management platform. “Through this access, certain files were exfiltrated, some of which contained certain portions of the Company’s BIG-IP source code and information about undisclosed vulnerabilities that it was working on in BIG-IP,” it added. The company is not aware of any undisclosed critical or remote code vulnerabilities, and is not aware of active exploitation of any undisclosed F5 vulnerabilities. “We have no evidence of modification to our software supply chain, including our source code and our build and release pipelines. This assessment has been validated through independent reviews by leading cybersecurity research firms,” the company said. Shares of F5 are down 5% to $327.45 in midday rating.
Elevate Your Investing Strategy:
- Take advantage of TipRanks Premium at 50% off! Unlock powerful investing tools, advanced data, and expert analyst insights to help you invest with confidence.
Published first on TheFly – the ultimate source for real-time, market-moving breaking financial news. Try Now>>
Read More on FFIV: