Hackers have leaked what they claim is information stolen from FireEye/Mandiant after apparently breaking into the incident response biz's network. Mandiant has denied this.
The miscreants, who branded their attack campaign "Op #LeakTheAnalyst," claimed in a preface to their PasteBin dump that they had "breached [Mandiant's] infrastructure" and alleged that Mandiant's internal networks and its clients' data had been compromised.
However, there is no hard evidence of any significant compromise. It appears Op #LeakTheAnalyst is the result of mischief-makers breaking into a Mandiant staffer's social media accounts and leaking some of the contents.
Ido Naor, a researcher at Kaspersky Lab, commented: "Only one workstation seems to be infected during #leakTheAnalyst. Dump does not show any damage to core assets of Mandiant."
Researcher Hanan Natan agreed: "The current #leakTheAnalyst dump doesn't contain any [proof] that they compromised the Mandiant networks."
In response, FireEye put out a preliminary statement blaming the whole thing on a social media leak.
We are aware of reports that a Mandiant employee's social media accounts were compromised. We immediately began investigating this situation, and took steps to limit further exposure. Our investigation continues, but thus far, we have found no evidence FireEye or Mandiant systems were compromised.