Cybersecurity firm F5 discloses nation-state hack, says operations unaffected

(Reuters) -Cybersecurity firm F5 said on Wednesday it had detected unauthorized access to certain company systems by a highly sophisticated nation-state threat actor, but the breach had no impact on its operations. The company discovered the intrusion on August 9 and took "extensive actions" to contain the threat, engaging external experts, including CrowdStrike, Mandiant, NCC Group and IOActive, to assist with the investigation, it said in a filing with the U.S. Securities and Exchange Commission. F5, a provider of cybersecurity and multi-cloud application services, said the attacker had long-term access to its internal systems used to develop BIG-IP software and stole files containing parts of the program's code and details about security flaws that had not yet been made public. The company, however, said it found no signs that key security flaws were used in attacks or that its software development process had been tampered with. F5 said information from a few customers was involved in the breach, and it was reaching out to those affected directly. The company continues to strengthen its security controls and infrastructure following the incident, it said, adding that the U.S. Department of Justice had approved a delay in publicly disclosing the breach until September 12, citing national security considerations. (Reporting by Akash Sriram in Bengaluru; Editing by Shilpi Majumdar)

(The article has been published through a syndicated feed. Except for the headline, the content has been published verbatim. Liability lies with original publisher.)