COVID-19 in Washington: Links and resources to help you during coronavirus pandemic

Top cybersecurity firm targeted by hackers

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

Cybersecurity firms are paid to protect their clients from hackers. But what happens when they’re the target?

U.S. cybersecurity firm Mandiant confirmed Monday that one of its analyst’s social media accounts had been compromised in an attack.

It was not immediately clear if internal networks belonging to Mandiant or its parent company FireEye had also been infiltrated.

“We immediately began investigating this situation, and took steps to limit further exposure,” Mandiant said in a statement. “Our investigation continues, but thus far it, we have found no evidence FireEye or Mandiant systems were compromised.”

An anonymous message posted online claimed that the analyst’s passwords, billing address, Amazon account and LinkedIn profile had been compromised. The hackers also claimed to have accessed Mandiant’s internal systems, but provided no evidence.

“Let’s go after everything they’ve got, let’s go after their countries, let’s trash their reputation in the field,” the post said of cybersecurity analysts. It called on other hackers to join its #LeakTheAnalyst operation.

FireEye shares dropped 3% on Monday.

Rustam Mirkasymov, a cyber threat intelligence expert at Group IB, said the attack was “very bad for the cybersecurity community.”

“This incident reveals that sometimes professionals who work in cybersecurity don’t pay enough attention to their own security,” he said.

Mirkasymov said it didn’t appear that any internal Mandiant or FireEye data was compromised based on the information posted online.

Mandiant, which was purchased by FireEye for $1 billion in 2014, tackles high-profile hacks and has worked for companies including Sony, Target and Home Depot.

Mandiant clients include financial firms, government agencies, universities and medical centers. The company says it has worked with Saudi Arabia’s energy ministry and the Texas Children’s Hospital, for example.

Notice: you are using an outdated browser. Microsoft does not recommend using IE as your default browser. Some features on this website, like video and images, might not work properly. For the best experience, please upgrade your browser.