A360
Key Takeaways✦ Atlas AI
01
A cybersecurity firm experienced a source code breach, with the RansomHouse group claiming responsibility and providing evidence of access to internal systems, highlighting the vulnerability of even security-focused organizations.
02
The breach is significant because it targets a cybersecurity firm with a global client base, raising concerns about potential downstream impacts on its Fortune 100 customers and the broader security landscape.
03
While the firm states no evidence of source code exploitation or impact on release processes has been found yet, the ongoing investigation into RansomHouse's claims of data encryption suggests potential further revelations and challenges for the company.
Atlas AI
Trellix has confirmed that an unauthorized party accessed a portion of its source code repository, asourceser the RansomHouse threat group claimed responsibility for the incident.
RansomHouse posted screenshots on its leak site that it said showed access to Trellix’s appliance management system. BleepingComputer reported it could not verify the authenticity of the images.
In a statement, Trellix said it began an investigation with forensic experts and notified law enforcement. The company said its investigation to date has found no evidence that its source code release or distribution process was affected, or that its source code has been exploited.
The threat actor alleged the intrusion occurred on April 17 and included data encryption. Trellix told BleepingComputer it is aware of the claims of responsibility and is looking into them.
Trellix is an international cybersecurity firm with a global client base that includes Fortune 100 customers across 185 countries, according to the source report. The investigation remains ongoing, and the company previously said it would share more details when available.
