Trellix confirms data breach after hack of ‘a portion’ of its source code


Cybersecurity giant Trellix has confirmed suffering a cyberattack in which threat actors accessed parts of its source code. In a brief announcement published on its website, Trellix said it had identified “unauthorized access to a portion of [its] source code repository”.

As soon as it spotted the intrusion, the company brought in third-party security experts to resolve the problem, and notified relevant authorities. It also said the breach has not yet caused any disruptions whatsoever: “Based on our investigation to date, we have found no evidence that our source code release or distribution process was affected, or that our source code has been exploited,” it said.

Read more…
Source:  TechRadar  News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • 37 million T-Mobile customers hacked in data breach

    January 20, 2023

    T-Mobile said a “bad actor” accessed personal data from 37 million current customers in a November data breach. In a regulatory filing Thursday, the company said the hacker stole customer data that included names, billing addresses, emails, phone numbers, dates of birth, T-Mobile account numbers, and information describing the kind of service they have with the ...

  • PayPal says crooks poked around 35,000 accounts in credential stuffing attack

    January 19, 2023

    The personal information of 35,000 PayPal users was exposed in December, according to a notification letter sent to the online payment company’s customers this week. PayPal attributed this privacy breach to “unauthorized parties,” who accessed accounts using customer login credentials. That is to say, whoever got into the accounts had found out or guessed their victims’ ...

  • MailChimp discloses new breach after employees got hacked

    January 18, 2023

    Email marketing firm MailChimp suffered another breach after hackers accessed an internal customer support and account administration tool, allowing the threat actors to access the data of 133 customers. MailChimp says the attackers gained access to employee credentials after conducting a social engineering attack on Mailchimp employees and contractors. Read more… Source: Bleeping Computer  

  • Nissan North America data breach caused by vendor-exposed database

    January 17, 2023

    Nissan North America has begun sending data breach notifications informing customers of a breach at a third-party service provider that exposed customer information. The security incident was reported to the Office of the Maine Attorney General on Monday, January 16, 2023, where Nissan disclosed that 17,998 customers were affected by the breach. Read more… Source: Bleeping Computer  

  • NortonLifeLock warns that hackers breached Password Manager accounts

    January 13, 2023

    Gen Digital, formerly Symantec Corporation and NortonLifeLock, is sending data breach notifications to customers, informing them that hackers have successfully breached Norton Password Manager accounts in credential-stuffing attacks. According to a letter sample shared with the Office of the Vermont Attorney General, the attacks did not result from a breach on the company but from account ...

  • Hackers compromised Ontario liquor board website, stole customer data

    January 12, 2023

    Cyber attackers compromised the website of Ontario’s Liquor Control Board and stole personal information of customers who bought products online, the retailer has acknowledged. “At this time, we can confirm that an unauthorized party embedded malicious code into our website that was designed to obtain customer information during the checkout process,” the Crown corporation said in ...