The Cyber Security and Networking Agency F5 has revealed that this summer a “highly sophisticated” race-state threat actor has infiltrated his internal system, stealing details about the company’s Big-IP source code and software weakness.
Seattle-based agency released the incident on Wednesday SEC filing And a Customer memoThe attacker said that some of its products were developed before the violation and maintained “long -term, endless access” in the engineering system.
F5 discloses major security
F5 says it was learned about the infiltration of August 9 and the US judiciary allowed the public to delay public publication. The agency says that it believes that its addition attempt has been successful and it has not seen any new unauthorized activities.
F5 shares in trading were reduced by more than 3% in trading early Wednesday.
Some violated files have configuration details for a small percentage of customers, the company says, and those customers are being notified directly.
F5 says that there is no evidence that the attackers have accessed CRM or financial data, or tamper with its software supply chain. Independent reviews of NCC Group and IOOACTIVE confirmed that the company’s build and release systems were not corrected.
F5 discloses major security
The agency also said that the invaders did not reach the NGINX, F5 Distribution Cloud Service or Silverline to its other large product line.
F5 has published software updates for several products including F5 Big-IP, F5 OS and Big-IP, urging customers to immediately patches. The F5 is providing a threat-show guide and new equipment to help users strictly helping and monitoring suspicious activities.
F5 is one of the largest public tech companies in Seattle, whose market capital is about 19 billion and thousands of enterprise customers worldwide, including 80% of Fortune Global 500. Its hardware and software sits in the middle of most Internet traffic in the world, providing load-balancing, distribution and protection services for big corporations and government agencies.
Although the F5 products have been noticed in the past – including a Weakness 2020 and in promoting the “velvet ant” malware Uncovered In 2024 – it seems to be the first public violation of the F5’s internal systems.
Individually, F5 announced on Wednesday Michael Montoa He resigned from the company’s board and became its chief technology officer. Monta was recently a COO in Bluewant, a New York -based cyberquacy company.
F5 Report Recently in financial income 12% to $ 780 million in revenue, GAP net income with $ 190 million dollars, it is more than $ 144 million in the pre-period period.