Trellix discloses data breach after source code repository hack
Source: Bleeping Computer
Breach Overview
Cybersecurity firm Trellix disclosed a data breach after attackers gained access to “a portion” of its source code repository. The company is investigating the incident with the help of outside forensic experts and, so far, has found no evidence that the threat actors have exploited or altered the accessed source code.
Company Background
Trellix is a global cybersecurity company formed from the October 2021 merger of McAfee Enterprise and FireEye. It provides services to over 50,000 business and government customers worldwide, protecting more than 200 million endpoints.
Response
Trellix issued an official statement:
“Trellix recently identified unauthorized access to a portion of our source code repository. Upon learning of this matter, we immediately began working with leading forensic experts to resolve it.”
— Trellix statement
“We have also notified law enforcement. Based on our investigation to date, we have found no evidence that our source code release or distribution process was affected, or that our source code has been exploited.”
A Trellix spokesperson reiterated the statement when asked for more details about the breach, including detection timing, potential theft of corporate or customer data, and any ransom demand. The company has not yet responded to a follow‑up request for additional information but indicated it will “share further details as appropriate” after the investigation concludes.
Related Incidents
-
Checkmarx – The LAPSUS$ hacking group leaked data stolen from Checkmarx’s private GitHub repository.
Read more -
Cisco – Hackers breached Cisco’s internal development environment and stole source code using credentials compromised in the recent Trivy supply‑chain attack.
Read more -
HackerOne – Hundreds of employees were notified in March that their personal information had been stolen after attackers hacked Navia, one of HackerOne’s U.S. benefits administrators.
Read more