
Cybersecurity and networking firm F5 disclosed {that a} “extremely subtle” nation-state risk actor infiltrated its inside methods this summer time, stealing parts of the corporate’s BIG-IP supply code and particulars about software program vulnerabilities.
The Seattle-based firm disclosed the incident Wednesday in an SEC filing and a customer memo, saying the attacker maintained “long-term, persistent entry” to a few of its product growth and engineering methods earlier than the breach was contained.
F5 mentioned it discovered of the intrusion on Aug. 9, and that the U.S. Division of Justice approved a delay in public disclosure. The corporate mentioned it believes its containment efforts have been profitable and that it has seen no new unauthorized exercise.
F5 shares had been down greater than 3% in early buying and selling Wednesday.
A few of the breached information contained configuration particulars for a small share of shoppers, the corporate mentioned, and people prospects are being notified immediately.
F5 mentioned it has no proof that the attackers accessed CRM or monetary information, or tampered with its software program provide chain. Impartial critiques by NCC Group and IOActive confirmed that the corporate’s construct and launch methods weren’t modified.
The corporate additionally mentioned the attackers didn’t attain its different main product strains, together with NGINX, F5 Distributed Cloud Companies, or Silverline.
F5 launched software program updates for a number of merchandise, together with BIG-IP, F5OS, and BIG-IP Subsequent, urging prospects to patch instantly. F5 is offering a threat-hunting information and new instruments to assist customers harden methods and monitor for suspicious exercise.
F5 is one among Seattle’s largest public tech firms, with a market capitalization round $19 billion and hundreds of enterprise prospects worldwide, together with 80% of the Fortune World 500. Its {hardware} and software program sit in the course of a lot of the world’s web visitors, offering load-balancing, utility supply, and safety companies for main firms and authorities companies.
Whereas F5 merchandise themselves have been focused prior to now — together with a vulnerability in 2020 and the “Velvet Ant” malware marketing campaign uncovered in 2024 — this seems to be the primary publicly disclosed breach of F5’s inside methods.
Individually, F5 introduced Wednesday that Michael Montoya resigned from the corporate’s board and have become its chief know-how operations officer. Montoya was most lately COO at New York-based cybersecurity firm BlueVoyant.
F5 reported income progress of 12% to $780 million in its most lately fiscal earnings, with GAAP internet revenue of $190 million, up from $144 million within the year-ago interval.